I feel like all I have been writing about for the past month has been Ransomware. Obviously that is due to the fact that Ransomware is in the news all the time, every day, with new trends that are happening, new "victims" that are identified, and how these organized crime entities keep on upping the ante with each day that passes.
In fact, just this week alone, we learned a couple of new facts about Ransomware. First, we learned that the attackers are going after the Congress of the United States. While this is honestly not a huge surprise, as it has just been a matter of time before it reached the Federal Government at that level, it will be interesting to see what the Government response is to this growing crisis. The second thing that we learned is that April of 2016 was the worst month on record for Ransomware infections in the United States. In fact, the data suggests that the number of Ransomware attacks in April of 2016 more than doubled from the number of attacks in March of 2016. Let that sink in for a minute. In a single month, the number of Ransomware attacks rose by 158%.
For this reason, it is our position, along with the FBI and most other IT Security professionals, that you absolutely should never, ever pay the ransom if you become infected by a strain of Ransomware. While, in all honesty, paying the ransom could be an easier, quicker solution, we cannot continue to support this type of behavior. In fact, I know an organization that went through this process of being infected by Ransomware and they stated that paying the ransom was the quickest and cheapest part of the process. So if this is so quick and easy, why shouldn't you just pay the ransom, get your data back, and move on with your day? Here are three great reasons:
I know that all of this is great advice and on paper makes perfect sense. However, when you are infected with Ransomware and don't have good prevention techniques in place (Back Up Regularly!), you need to get your business back up and running immediately. Time is money and businesses need money to survive. So what do you do? My suggestion, in addition to the prevention tips you can find in this blog post, is to have a robust, detailed Incident Response Plan and Program in place.
As part of our IT Compliance Knowledge Series, our May webinar will focus on Incident Response Planning and Management. This 30-minute webinar will be held on Thursday, May 26th at 1:00 PM EST.