Ransomware is one of the fastest growing cyber-crimes in the world. Last year, 37% of businesses were victim to an attack.
In case you didn’t know, a ransomware attack is where cyber criminals infiltrate your network (or device) and steal your data by encrypting it. The data is still there, but you can’t access it.
Then they demand you pay a large ransom fee for the encryption key.
If you don’t pay the demand (which can be tens or even hundreds of thousands), they delete your data.
It’s not just the cost of the ransom fee to worry about. There’s the stress, reputational damage and downtime that goes with it. In 2021, the average downtime suffered after a ransomware attack was 22 days.
Official advice is not to pay any ransomware demands.
However, a new survey has shown that a massive 97% of business leaders who’ve experienced a ransomware attack in the past would pay up quickly if they were attacked again
A third of them would pay instantly.
What does that tell you about what a nightmare the whole thing is for any business?
The other problem is, when you pay a ransomware demand, it’s not guaranteed that you’ll get your data back. On average, only 65% of data is restored once a fee is paid.
You may face further extortion. And by letting cyber criminals know that your business pays ransom fees, it’s likely that you’ll face subsequent attacks in the future.
So what’s the best way to deal with ransomware?
First, you should put in place the right security measures to try to prevent an attack:
- Educate your people on cyber security and best practice
- Implement multi-factor authorisation across all your applications
- Use a password manager
- Make sure all updates are installed quickly
- And you should always have a working backup in place – ideally one where older data is retained and cannot be changed
It’s also a great idea to have a response and recovery plan that details what you will do in the event of a ransomware attack.
Not only will it mean your business can respond faster, but it should reduce the amount of downtime suffered as you’ve already considered exactly what needs to happen.