It has been reported that 55% of small and medium businesses (SMBs) would pay up if they were hit by a ransomware attack. The number jumps to 74% among larger SMBs with 150 to 250 employees, as stated in the AppRiver Cyberthreat Index for Business Survey. Nearly 40% went so far as to say they “definitely” would pay the ransom, at almost any price, to prevent leakage or loss of data.
Gavin Millard, VP Intelligence at Tenable:
“Paying criminals is never something I’d personally recommend – after all, you don’t know who you’re dealing with and whether they can be trusted. While research suggests that those that choose to pay do receive a decryption code, what is certain is that the criminal is rewarded for their efforts so encouraged to continue this scourge.
“Instead, the money would be better invested preventing infection in the first place and, if that’s not possible, ensuring an infection doesn’t mean game over.
“Rather than a sophisticated attack, or even a zero-day exploit, ransomware typically targets just a handful of well-known vulnerabilities so the best way to stay ahead of attacks is to practice basic security hygiene. Continuously identifying and patching systems with vulnerabilities favoured by the exploit kits to deliver their payload, improving inbound content filtering and educating users to identify phishing emails, implementing anti-malware controls and backing up critical files should all be considered to make it far harder for the criminals to collect their bounty.
“Should the worst case happen it’s about ensuring you can recover quickly. This means identifying the data and systems that are critical for your organisation to continue to function. If they can’t be protected, ensure you have a robust non-attached backup solution that’s stored securely. Systems and data can then be restored effortlessly, meaning the business can shrug off the inconvenience and get back up and running quickly.”