More and more businesses and organizations are getting stung by ransomware demands. Hospitals, schools, social networks…some days it seems like an epidemic that leaps around arbitrarily, and hackers are raking in millions.
Tallied across the word…billions.
Ransomware attacks are devious in their simplicity. A user in the target business is tricked into opening a file, usually through a phishing email or download. The file contains malware which instantly encrypts your data and demands money in exchange for the password.
No payment = no password = no data.
All of the target businesses should have backups, which they could simply revert to without paying any money, but the FBI reports more than $209 million was sent to hackers in the first quarter of this year alone. Keep in mind, this was just payments within the US, and only counts those who came forward.
Last year it was only $25million.
Aren’t backups helping?
Sometimes the backup solution fails and the data can’t be retrieved. This is particularly true in cases where the solution has been in use for years and something failed along the way.
In other instances, the target business has a backup that can be restored, but it doesn’t include everything they need for full recovery.
Finally, and the most common reason so many businesses are forced to pay the ransom: the ransomware attack affects the entire system – including attached and synchronized backups. If the backup is also caught in the ransomware encryption, it becomes useless as a recovery method and the only options are to pay or lose the data forever.
Each day spent trying to recover the data is a drain on valuable business resources and in many cases, results in massive revenue loss.
The only defense is to block the malware before it can infect the first workstation, and then continue the protection with a comprehensive backup strategy for all workstations and servers.