Pay or Play
Crypto viruses work by locking all your files and documents with a password. The decryption key provided after paying the ransom frees the data and allows you to access your information. Once the hackers deploy the encryption virus, retrieval options are limited. You can submit to the ransom demands and receive the decryption key, hire a third party to provide a key, or rebuild your database on your own. Unfortunately, the last option only becomes a viable alternative if you have consistently backed up your system, either to an uninfected server or the cloud.
Deciding to pay the ransom comes with its own set of challenges. Hackers are experts in assessing human nature and design their payment amounts to strike a balance: high enough to justify the effort, but reasonable enough to make other options seem less palatable. In fact, most ransom demands never hit the threshold needed to involve law enforcement. The FBI rarely investigates these crimes because the demands tend to range between $100 and $1,000, not enough to trigger the need for a full-scale response.
When confronted with a ransom, many victims will decide to pursue a solution on their own. Many times it ends up being easier, and more cost-effective, to simply pay the demand and move on. Unfortunately, capitulating to hackers does not protect you from future attacks and, in many instances, your submission can leave you vulnerable to additional extortion and attacks.
Learn By Example
While criminals use crypto viruses against a variety of small businesses and professional organizations, those companies that manage and store sensitive data often make the most alluring targets. While in the past credit card numbers were the hottest commodity on the black market, these days cyber criminals are seeking more granular data. That’s because social security numbers, dates of birth, and other personal information can be used to create false identities. Armed with a complete profile of an individual, hackers can create a fake persona that can be used to open credit accounts, create counterfeit documents, and even generate a prescription for opioids and other high-demand drugs.
Because of the amount of sensitive data they store, doctors, hospitals, and other healthcare providers can find themselves besieged by ransomware and crypto virus attacks. In one recent case, a medical facility discovered hackers were behind the complete encryption of all their patient files. With a $17,000 ransom on the table, they refused to pay the fee and instead searched for another solution. Their decision to ignore the ransom demands was motivated, in part, by HIPAA regulations, which would have required the facility to notify all patients that their database had been compromised. Instead, the medical practice bypassed the ransom and the notification requirement by hiring a third-party decryption provider. Unfortunately, the final price tag hit the $50,000 range, much more than the initial demand – a high price to pay to maintain a professional reputation and comply with federal regulations.
When it comes to online security, an ounce of prevention can prevent a costly cure. Small business owners owe it to their employees and their clients to ensure every aspect of their computer network can repel even the most sophisticated cyber-attack. The focus should be on protecting and defending their networks, not on repairing damage after the fact. Establishing a comprehensive data and network security strategy not only protects your customers, it ensures continuity of service and establishes your professional reputation as a reliable and trustworthy service provider.
The tendency to put off implementing network safeguards puts many small businesses at risk for even more exorbitant payouts down the line, whether in the form of ransom, fees to a third party, or the time and effort required to rebuild a database. While the initial execution of a whole-enterprise online security strategy can seem prohibitively expensive, when parceled out over time, those initial investments pay off tenfold not only by keeping your critical data safe but by enabling regulatory compliance, reducing risk, and forestalling costly payouts in the event of a breach.