As recent attacks like WannaCry and NotPetya have proven, the amounts of money attackers are asking for is often quite affordable for businesses, often ranging between SGD$400-$800 per computer, in return for data to be decrypted or access regained. This has led to larger enterprises including banks stockpiling Bitcoin in order to be ready to pay out when attacks happen. The logic here is that the cost of paying the ransom is usually far less than the implications of lost data and downtime to the organisation, which could be far more damaging overall. This is a vicious cycle however, contributing to a notable climb in the use and value of e-currencies, therefore making it easier for cyber extortionists to thrive. It's also very short sighted, proactively inviting more attacks, as cyber extortionists add these organisation to their 'will pay' list.
At Datto our mantra is and has always been, don't pay the ransom, don't pay the ransom, DON'T PAY THE RANSOM! First, when you pay the ransom, you are letting the thieves know that they have a fish on the line. You have money, and you value your data. They'll come back again and again. Even if you pay the ransom, there is a significant chance you won't get your data back anyway. We spend a lot of time working with our partners in Singapore and across the wider region to communicate this fact, as we know that SMBs can be low hanging fruit for these attacks, usually having way less time and money to commit to protecting their data.
This aside however, knowledge is king, so knowing how to react, could mean the difference between damage and disaster. According to our recent study 75 percent of MSPs report3 SMB clients experiencing business-threatening downtime as a result of a ransomware attack.
As new technologies emerge, and threats evolve, we know that even with the best will in the world and the most up-to-date security software, businesses can still be affected by cyber extortion. The only way to recover therefore is to ensure you can minimise the chance of downtime, and that means being prepared.
Thanks to the wonders of MSPs and software-as-a-service tech, even SMBs can afford to have a proper BDR solution in place to stay on top of ever-evolving threats, which could go a long way in keeping your doors open and your money in your pocket.
Sign up for Computerworld eNewsletters.