Ransomware Becoming More Prevalent
Current estimates have ransomware attacks on businesses sitting at around $40,000 per incident. The primary viruses responsible for this were typically the Sodinokibi and GlobeImposter variants. More recently however it has been noted that a whole myriad of bad actors using Ryuk, Phobos, Snatch, Estamani, Hidden Tear, and Netwalker have started being pushed to potential victims. Once these malicious programs infect your workstation or server environment, the ransom is demanded (usually in the form of a crypto currency) and failure to pay it results in loss of data and about 12 days of company downtime, give or take.
It has been found that smaller companies tend to mitigate these threats far better than larger corporations who implement extremely vast and complex network environments. The latter type of organization is typically the ideal target because they have the means to pay higher ransoms, often times in the amounts of $100-150k respectively. Attempting to restore data via decryption methods or prior backups is extremely time consuming and not always successful depending on the type of attack and how it works.
Everything is connected now. Everything. And those connections are typically to the internet in some form or function. If you’re not monitoring your traffic or don’t have a security solution in place for mitigation of threats, you can find yourself paying some random person a world away to get your sensitive data back or simply unlocking your network. As the digital landscapes change, there are always companies out there who keep on top of these things to protect business owners from suffering massive data losses and financial setbacks, including 24 hour monitoring. Even insurance companies have recognized this threat and have started selling cyber insurance policies years ago to help recoup business losses for most any type of breach you can imagine.
This is just a friendly reminder that these things are still happening and becoming more and more intricate. The cost to establish a safeguard isn’t just some random expense on a spreadsheet that’s not making your company any money. The costs used to implement and maintain these solutions far outweigh the losses you would suffer without them. Not to mention it’s going to look far better in a court of law if you’re ever sued by your customers should an actual breach occur, that you did in fact have multiple types of protection running at all times and that you took your network security seriously. As well as your customer’s sensitive information.