Tyler Technologies has paid a ransom for a decryption key to recover files encrypted in a recent ransomware attack. Tyler Technologies states that they are the largest software company in North America devoted to the public sector, with over $1.2 billion in revenue for 2020 and 5,500 employees.
Paying the ransom should always be organisations\’ last resort. It is unfortunate that Tyler Technologies found themselves in that position and isn\’t necessarily a reflection on the security precautions they had in place prior to falling victim to this attack.
Recently, in fact, cybercriminals have learnt to make up to date, secure backups useless by exfiltrating data as part of their ransomware attack. The victim is then threatened with the public release of such data and is forced to pay a ransom hoping that attackers will keep their word.
The increasing complexity of these attacks further reinforces the case for prevention. Organisations should have an efficient email filtering system and run regular cyber awareness training programmes that can at least help secure the most popular entry vector, which is employees\’ inboxes. Furthermore, even in instances of double extortion ransomware, having secure, offline backups always places the victim in a better position and increases the probability that they won\’t have to pay up.