Arguably one of the scariest things any system administrator can hear nowadays is ransomware attack. For the uninitiated, ransomware is currently the fastest growing threat when it comes to malware, and it has zero filter in terms of who it targets. It can be an individual with seemingly nothing to lose, or it could be an enterprise, where the losses could potentially be in the millions.
The first thing that comes to mind is whether or not you should pay the ransom. The financial implication is a big one, especially with most of the notable examples asking for ransoms that are upwards of $500,000.
Impact on your business
Not only does this kind of attack cripple your business, but it also makes your services ineffective, and there’s the threat of data being exposed, leaving your business open to lawsuits. And this is all in addition to the fact that you’re looking at potential downtime with your business and your brand will be more or less permanently damaged.
The moral aspect
Most governmental agencies discourage paying the ransom because you’re basically letting the attacker know they’re successful, and they’ll just keep on doing it. Most attacks require you to pay in untraceable crypto, which means that the attackers would not need to face any kind of repercussions.
The human impact
And as if this wasn’t enough, you’re looking at the human impact of this kind of attack, which applies across all industries. In the energy sector, it impacts critical utilities. In the banking sector, declined transactions are a problem. In the healthcare sector, you’re looking at delayed care, and in a worst case scenario, death. To say the impact of a ransomware attack is real and direct would be an understatement.
What should you do in case of a ransomware attack?
The answer is to plan, rather than pay. With such an attack being a very real possibility, now is a better time than ever to protect your enterprise by planning how you would respond to such an attack. Things like zero trust and perimeter security should absolutely be on the table, and employee training is something you should do yesterday. And of course, you should always backup your data and keep at least one backup on a location that’s off premises. This way, even if you do get hit with a ransomware attack, you’ll be able to wipe all your files and revert them later on from a backup, with minimal downtime and associated costs.