There were seven people seated around the table: the CEO, the VP, the CFO, the Special Agent from the FBI, the business owner, the forensics technician and the company’s CISO (Chief Information Security Officer).
“Don’t pay” was the CEO’s vote. Same for the VP.
“Pay it,” was the owner’s response. The CFO nodded in agreement.
“Paying could be a violation of Federal law,” stated the FBI representative.
The CISO had a hard time getting words out, as this was the largest ransom that he had dealt with at the time. $1,200,000 was a lot of money. “I don’t see another option, given the status of our backups. Either we pay the ransom or we begin liquidating the company’s assets as soon as possible. Which is the lesser of two evils?”
The CISO negotiated the ransom down to $410,000. The Bitcoin took several hours to amass. The cybercriminals delivered a decryption key, but 30% of the company’s data was gone forever – some of their hard drives filled up during the ransomware encryption process, and the encryption software kept running after the drives couldn’t hold any more data. Every file encrypted after that point was irretrievable. The total recovery took three months to ensure that no backdoors were left in the company’s systems, and the lawsuit to get the insurance company to cover the incident lasted almost two years.
Stopping ransomware involves three key areas: the cybersecurity hygiene of your staff, proper practices by your IT department, and your data-backup strategy. Here are eight ways to prevent a ransomware attack, and eight ways to recover if you fall victim to one:
If all companies followed the specific recommendations above, ransomware cybercriminals would become a thing of the past. With proactive action and a good cybersecurity awareness training program for your staff, cybercrime is a solvable problem!
Bryce Austin is the CEO of TCE Strategy, an internationally recognized speaker on emerging technology and cybersecurity issues, and author of Secure Enough? 20 Questions on Cybersecurity for Business Owners and Executives. With over ten years of experience as a Chief Information Officer and Chief Information Security Officer, Bryce actively advises companies across a wide variety of industries on effective methods to mitigate cyber threats.
Copyright 2020 ist Magazine