Can you Survive the Cyber Attack coming your way?
Author: Kirk Evans
Whenever there is a new round of Cyber attacks on the news, we hear people asking – “What just happened to xyz company? Can that happen to me?”
The answer honestly is Yes and No, depending on which portion of the question we are answering.
What is happening to companies in the news these days? Encryption Viruses planted by Cyber Criminals is the culprit the news tells us about. A virus finds its way into a corporate network and encrypts (locks) the server and all of the data it contains.
This act is crippling to businesses.
Can this happen to you? Absolutely, and it WILL happen to you. If not now, in the future a virus will find its way into your corporate network; there is no way to stop it. Not man nor machine can screen out every possible attack. As criminals become more sophisticated and develop ways to “legitimize” the look and feel of the emails they send, you and your employees will be subjected to the most “innocent” of mistakes that will allow the virus in.
What happens next poses the most important question – How will this affect me? Stated another way, will I be subject to the same ransom demands and financial hardship as all of the companies I hear about in the news?
The answer to that depends entirely on you and how you backup your data. Plain and simple, in one answer – HOW YOU BACKUP YOUR DATA MATTERS!
Let’s consider a few scenarios for how this could play out. And in some cases, how it has played out rather publicly.
Enter Virus and Cyber Criminal, your data is now encrypted and Ransom is demanded.
Scene 1 – No Backup Solution = Pay the Ransom Demand.
If you do not have a backup of your corporate data, then you have no choice but to pay the ransom demand so you can get back to business. Keep in mind with this scenario, you may not actually get all of your data released with the first payment. When you demonstrate that you are willing to pay, you run the risk that portions of your data are held back for an additional ransom request.
What happens when the data is unlocked? It is our understanding that many remnants of the encryption code remains in the files, which would be time consuming and costly to clean up. The files that are unlocked should be normal, but you would be taking a chance at trusting that the data is clean and has not been infected with some other malicious app or software.
Scene 2 – I have a Backup, but it is Visible to my Network = Pay the Ransom Demand.
Ouch. Even if you have a backup solution, but it is visible and accessible to your network, the virus can get in and encrypt your backup data.
This scenario played out with the Town of Wasaga Beach in 2018. They had an offsite backup, but the virus was able to infiltrate the backup, and they were no better off. In fact they were worse off, as they had a false sense of protection and confidence in their systems. This mistake was costly, as the Township paid $35,000 in ransom to recover the data. In addition, they reported paying over $50,000 in consulting fees and $160,000 in staff lost productivity. (Source: CTV News Barrie)
Another local example is the Township of Midland. They too had a backup system that became infected and encrypted. Upon paying the ransom demand and attempting to restore their systems, a few files were not decrypted and they paid an additional ransom for their data. It is reported they paid $76,000 in ransom demands. This does not factor in lost productivity and additional IT resources; these figures have yet to be reported. (Source: Simcoe.com)
Guess what? When you pay the ransom in the two scenarios above, you have invited the Cyber Criminals to attack you again. If you are willing to pay once, you would be willing to pay again.
Scene 3 – I have a Backup, Offsite, and Blocked from my Network = No Ransom Paid 😊
Yes, it is possible to weather a Virus Attack and deny the Ransom Demand.
We have customers that have experienced this scenario. No one is immune to the attack, and the best defense is an EFFECTIVE backup solution. In this scenario, the customer says no thank you to the ransom, and within hours they are back up and running. While the recovery process is not instantaneous, it is a lot less costly.
You also send a message to the Cyber Criminals that you are not worth their time and effort. You may still encounter malicious attempts, but the majority of their efforts will be spent on more fruitful businesses.
When you hear about Cyber Attacks and Ransoms being paid, how does your opinion and perception of these companies change? Do you have confidence in their brand and trust their company?
Many organizations are exceptional at their core business offering, and we trust them for their ability to deliver. But what about the infrastructure that supports them, their ability to protect their business and keep their doors open for another day?
And what about your business? Can you confidently say you will weather the Cyber Attack coming your way? Will your doors be open the next day ready for your customers?
We leave you with one clear message – Offsite Backup Blocked from your Network.
Call us, and join the businesses that say NO to Cyber Criminals and Ransom Demands.
Published January 2020