What if a hacker assumed your identity and defrauded your customers, friends, and family? Just the thought is enough to give you sleepless nights.
One account takeover is all it takes for a hacker to rob you of eye-watering sums of money and ruin the reputation your business built over the years. In fact, over 55 percent of businesses reported higher fraud losses due to account takeovers and it is estimated that an organization will fall prey to ransomware every 11 seconds.
This month at CyberNINES®, we are advocating for Ransomware Awareness. We’ve found that taking a proactive approach to building a cybersecurity compliance plan is the best way to ensure your needs are being met.
RANSOMWARE OVERVIEW
Ransomware has become more prevalent than ever, and predictions are that it will continue to be a major form of cybercrime in the coming years. Ransomware is a type of malware designed to encrypt files or even entire drives so that the infected business can no longer access these files or systems without the key to unlock the encryption, which of course is not available unless a ransom is paid, almost always via a cryptocurrency. This can have a devastating effect on the attacked organization, creating an atmosphere of desperation that can be mitigated with preparation or avoided altogether with strategic prevention.
Ransomware attacks all sectors of the economy, including healthcare, banking, finance, manufacturing, and small businesses, which essentially means everyone is susceptible. The average demand from ransomware attackers in 2021/22 was $247,000. One of the most talked-about attacks in 2022 was the ransomware attack on the Costa Rican Government, as it was the first time a country declared a national emergency in response to a cyber-attack. The ransomware group Conti took responsibility for the first attack, asking the government to pay a ransom of $10 million and later increasing it to $20 million. On May 31, another attack plunged the country’s healthcare system into disarray. This attack, linked to HIVE, affected the Costa Rican social security fund. It directly affected ordinary Costa Ricans, as it took the country’s healthcare systems offline.
RANSOMWARE PREVENTION
It is far better to prevent a ransomware attack than to try to recover from one. There are many ways to prevent a ransomware event from happening by taking proactive cybersecurity measures and practicing basic good cyber hygiene. Today, good cybersecurity practices are not only sound business policy but an absolute business survival necessity. To help prevent a ransomware attack, CyberNINES recommends starting with these best practices from the Cybersecurity & Infrastructure Security Agency (CISA).
RESPONSE TO AN ATTACK
If your company is truly prepared for a ransomware attack, then you have a significantly lower chance of having an attack occur. However, even the best systems have their weakness, namely human users. If you do get breached by a ransomware attack, your immediate reactions should be:
1. Isolate the infected systems immediately.
2. Contact law enforcement immediately.
3. Do not pay the ransom.
4. If you backed up your files, you can recover.