top of page

What You Should Know if Your Business Is Targeted by Ransomware


While I am sure that you know that ransomware is on the rise, statistics about just how pervasive it is may still leave you shocked. In 2020 alone, there were close to 300 million ransomware attacks worldwide.1 The cost of ransom payments demanded by hackers are also increasing along with the attacks themselves. In 2020, the average cost of a data breach in the U.S. was $3.86 million, according to IBM’s annual Cost of a Data Breach Report.

There isn't concise data on how many people get hacked every year. However, according to Norton, a well-known antivirus software company, there are around 2,200 cyberattacks per day 


As horrifying a concept as this is, there are actually ransomware-as-a-service tools out there that have made it easier for criminals with little technical knowledge to become threat actors. These attackers are less predictable and seem to lack  even an honor among thieves mentality. In the past, bad actors had lists of organizations they wouldn’t attack, such as cancer treatment facilities, but that isn't always the case anymore.

A ransomware attack can affect any organization, regardless of size or industry. In the past, the threat actors preferred to target large organizations, but today, SMBs are the most vulnerable.  Cybercriminals count on these businesses to lack the resources to defend against cybercrime or the IT teams to frequently evaluate cybersecurity measures. 


With ransomware expected to hit businesses every 11 seconds2,it is important to have a mind set of not IF but rather WHEN your business will come under attack. Fortunately, there are security solutions and measures your business can employ to avoid a devastating breach.  

If a breach or ransomware attack does occur,  there are a few things you should know.


Before Reacting to a Ransomware Attack, Remember:


1.      The FBI advises against paying a ransom because spending money does not guarantee the hackers will share the keys to decrypt your data. They are, after all, criminals!


It doesn’t make any sense to place your trust in cybercriminals who have already demonstrated that they aren’t afraid to break the law and take advantage of you for financial gain. However, many businesses find themselves in this situation because they don’t have sufficient security, backup or compliance measures, and are desperate to get their data back.


Another reason the FBI advises against giving in to ransomware demands is that you are encouraging criminals to conduct further attacks. If these attacks didn't yield significant rewards, it’s likely there wouldn’t be as many. 


2.    Ransomware negotiators” are available for hire, if you fall victim to a ransomware attack and feel that you have no option other than paying. 


In ransomware negotiations, the most crucial moment occurs long before a ransom amount is discussed. This is because the hackers have already gained considerable control over the organization’s network by encrypting access to sensitive business data and other digital assets. The more data they encrypt, the greater the negotiating power they have.


Therefore, before you begin negotiations, you need to know how much data has been compromised and what negotiating methods have been employed in the past by the criminals. Professional ransomware negotiators can help at this stage. Although a ransomware negotiation rarely results in a ransom demand being totally withdrawn, it can significantly bring down the asking price.


3.      Victims of ransomware should understand that:

·        The data will not be erased in a trustworthy manner. Much worse, it will be sold or stored for future extortion attempts.

·        It takes multiple parties to handled the exfiltrated your data, so even if the hacker deletes a large portion of the data once the ransom is paid, other parties who had access to it may have made duplicates to make payment demands later.

·        Before you can even respond to an extortion attempt, the data may get leaked either intentionally or inadvertently.

·        Even if the threat actor explicitly promises to release the encrypted data after payment, they may not keep their word.


Make Your Move Before It’s Too Late


By now you may feel like it is impossible to combat the menace of ransomware targeting vulnerable systems. Fortunately, that isn't the case but it takes a well thought out and layered security posture.


Since no one security measure is perfect or guaranteed, layered security assumes that attackers will infiltrate different layers of an organization's defenses or have already done so. The goal of this approach is to provide multiple security measures so that if an attack gets past one security tool, there are others in place to help identify and stop the attack before your data is stolen.


If the idea of protecting your business is overwhelming, don’t worry. You don’t have to do it alone. There are experts, like us, to do the heavy lifting for you. Our cybersecurity expertise and knowledge will help you pave the way to a more secure future. To get started, contact us for a consultation.



1.       Statista

2.       Cybersecurity Ventures

4 views0 comments


bottom of page