To pay or not to pay?
That is the question many businesses will have to ask themselves if they have been hit by a ransomware attack where their data has been encrypted and held for ransom.
According to a new survey on cyber security, more than half of firms hit by ransomware attacks paid their attackers, yet a quarter did not receive their data back.
Over half of Australian firms have been impacted by cyber-attacks on their computer systems in the last 12 months, resulting in an average loss of four days of production while attempting to regain access to their systems.
The reality is that, in the event of a ransomware attack, many organisations want to restore regular operations as quickly as possible, meaning they will often pay whatever it takes to get their data back.
But how do you know which is the right decision? To pay or not to pay?
The government’s advice has always been not to pay ransomware attackers. The Australian Cyber Security Centre (ACSC) says that paying a ransom does not guarantee your data will be returned, and it can increase the risk of future attacks.
Here are five steps to take if your organisation is ever faced with a ransomware attack:
1. Do not pay the ransom
Firstly, do not pay the ransom. We know that this is easier said than done, but paying the ransom will not guarantee access to your data. It will also encourage criminals to continue these attacks and target other organisations that may be more vulnerable.
2. Access to backups
If you have a robust backup strategy in place, you will be able to recover your data without paying the ransom. If you’ve taken regular backups of your system, you may have a copy of your data that has not been affected by the ransomware.
3. Get professional help
You should seek advice from IT security professionals who can advise on how to deal with the specific attack and develop a response plan that walks through the steps of recovering your systems and data.
4. Ensure you are compliant
Ensure that you meet all relevant regulatory requirements for managing any personal or sensitive information that may have been accessed or compromised by cybercriminals during an attack.
5. Learn from the incident
Once you have recovered from an attack, you must learn from it and put measures in place to ensure it doesn’t happen again. Educate your staff on the best cybersecurity practices when working online.
Ransomware is one of the most common cybercrimes, so you should not be negligent about it. You can take many precautions to prevent ransomware attacks and protect your computer system.
Remember that this isn’t a complete list of all the steps you can take to prepare yourself against ransomware attacks. There is no guaranteed way to prevent or stop an attack, but you can secure your PC and make it harder for criminals to infiltrate your computer or get their hands on your critical data.
Better yet, make sure that you have a trusted managed service provider like Wyntec to ensure that ransomware attacks don’t happen in the first place.
Ultimately, a great deal depends on your preparation.