Ransomware is a type of malicious software that gains access to files or systems to block user access. All files, systems or even devices are held hostage using encryption until the victim pays a ransom in exchange for a decryption key.
This past year, almost one-third of US businesses reported a data breach. Clearly, the days of low-skilled transactional cyber crime are being replaced by targeted and lucrative strikes with hackers looking to extort large sums of money from big business, government agencies, educational institutions, healthcare providers and even cities.
So, how do you prepare your organization to anticipate and defend against dangerous online security threats? Some recent examples of ransomware hacks – and how they were handled – may hold some answers.
Governments under attack
The same ransomware that is thought to have been responsible for the City of New Orleans state of emergency last year struck Durham City in early March. In the case of New Orleans, once suspicious activity was detected, city staff were told to shut down their computers and disconnect from the Wi-Fi to stop the ransomware from spreading. Servers were out of action. Employees had to pick up a pen and paper to complete tasks, but in most cases, activities were put on hold.
After three cities in Florida were attacked last summer, mayors got together and unanimously agreed to not pay ransomware attack demands and instead focus on disaster recovery planning.
Travelex gets hit during a peak travel period
The New Year’s Eve ransomware attack on Travelex, a foreign exchange company, created havoc around the world as vacationers, global banks and partner institutions lost access to money during the busy holiday period when demand for their services are sky-high.
Hackers told Travelex that they gained access to the company’s computer network back in the summer and had downloaded 5GB of sensitive customer data. Then, hackers asked to be paid six million dollars in two days or the price would double.
Travelex took its websites offline across 30 countries. Lack of digital tools saw staff revert to using pen and paper to try and attempt some form of operations, but that wasn’t enough to maintain anything close to business as usual.
Customers who were attempting to access third-party currency services were left confused as a “planned maintenance” message was in place. At the same time, Travelex social media channels stated they were responding to a “software virus”. Chaos reigned.
Demant faces large cyber-related losses
Danish hearing aid manufacturer, Demant, was hit by a ransomware attack in September 2019 and is expected to be one of the most significant cyber-related losses of recent years at $95 million.
The ransomware hack forced Demant to shut down its entire internal IT infrastructure around the world, with the impact covering from the company’s Polish production and distribution facilities, French cochlear impact production sites, and Danish amplifier production sites to its Mexican production and service, entire Asia-Pacific network, and ERP system.
Demant was unable to supply its products, receive and process orders, and service end users across clinics for weeks.
Financial hit and reputation damage
Beyond the financial harm and losses to any business, government or city hit by a ransomware attack, brand and reputation are also likely to take a nose-dive. The question of whether a business or city adequately protected themselves from breaches comes into play. Did they take the right measures and planning? How will they recover and regain trust?
Also, under data protection laws like the European Union’s General Data Protection Regulation, companies are obligated to report data breaches. If a company fails to protect computer systems and customer data, a fine of up to four percent of annual global turnover will need to be paid.
Hope for the best, prepare for the worst
You’ve got to protect every link in the chain if you want to stand a chance against cyber criminals. Having a strategic plan in place means you’re one step ahead of keeping out the bad guys and that you have the measures in place to return to business as usual once you get compromised.
Be cyber resilient. Prepare for a ransomware hack by getting the right tools in place to investigate and uncover weaknesses and vulnerabilities and make sure your team is trained and has the expertise to use those tools in the event of an emergency. It’s going to take more than just data security software to protect you from today’s hackers.
We’re working with customers every day to address enterprise risk, information security and digital investigation needs. Our industry-leading and award-winning forensic grade solutions were recently named Best Computer Forensic Solution for the 10th year in a row.