Why Do the Bad Guys Keep Winning?
Posted by Chad Atchley on May 21, 2020 10:00:00 AM
Every 11 seconds, someone within the United States is infected with ransomware. That means that by the time you finish reading this blog post, almost 30 people will have their data locked and encrypted unless they pay a cybercriminal a ransom of hundreds or thousands of dollars (hopefully it’s not YOU!).
In the United States alone, businesses lost $75 billion in 2019 due to paid ransoms, lost productivity, and lost data. However, they spent $15 billion in cybersecurity technologies for the purpose of preventing these infections and security breaches. Clearly, the “bad guys” are winning.
GET PROACTIVE: Learn more about Cyber Recovery Solutions to help you protect, detect, and most importantly recover in the event of a ransomware attack.
So, why are companies being infected so often and losing so much money in ransoms and lost revenues? The simple answer to this is that most IT departments do an amazing job at securing their network perimeters and even deploying tools that run on their computers to try and mitigate these risks. However, network security is often like an egg: hard and rigid on the outside, but once you get inside, it is soft and gooey. The bad guys that create ransomware and other malware know this and design their viruses to slip in using vulnerabilities on the network, people’s bad Internet habits, and simple neglected systems to wreak havoc. Once they are in, their software can spread across the network at will and cause substantial damage and cost.
In the past, if systems were infected with ransomware, many IT departments would attempt a restore of data from backups to avoid paying the fee. However, ransomware cybercriminals have wised up to this fact. They now design their viruses to infect and corrupt their backups before infecting and locking their systems, thus preventing the ability to restore data and avoid paying the ransom.
What can be done?
Unfortunately, being infected by ransomware is more a matter of “when” than “if.” Regardless of the money spent on security products and services, it only takes one person clicking on the wrong link on a webpage or opening an infected email or attachment to release malware and ransomware on the network. This is truer now more than ever. With most people working from home (where there are less network securities in place), the amount of ransomware attacks have gone up 150% between March and April 2020 alone! When you are infected, your choices will be to pay up and hope the bad guys honor their demands (Why should they? They are bad guys after all!) or try to recover your data from backup and hope the infection hasn’t reached your backed-up files.
To ensure your backups are clean and that you know when your last clean backup was taken (after all, the backups could have backed up the infection with your data), you need to implement additional technologies to your backup solution to analyze your backed up data and prevent it from being changed. Technologies like WORM (Write Once, Read Many) storage and machine learning tools can keep malware from changing clean data once it has been backed up. They can also scan the files that have been backed up and identify malware that has infected files but is dormant.
Before the next malware or ransomware attack holds your business hostage, look at your network security and your data protection solution. Ask your team where there may be risks or vulnerabilities and take the initiative to implement the technologies, process changes, and end-user training needed to keep your company out of the headlines.
If you do not know how to get started or what specific options work best in your environment, ask ConvergeOne. We are here to help! Our team of cybersecurity and data center Solution Architects can work with you to baseline your network, determine what risks exist, and position a variety of services and solutions to meet your needs.
View our Cyber Recovery case study to find out how ConvergeOne implemented tools and processes for one of our customers to help them avoid paying ransoms.
Can your organization recover from A ransomware attack?
ConvergeOne Cyber Recovery Services provide a combination of specialized cyber vault and indexing technologies with traditional backup platforms, giving you the ability to recover your systems and data to resume operations as quickly as possible. Register for a complimentary Cyber Recovery Workshop today to learn how to recover from a ransomware attack.
Topics: Data Center, Cyber Security, Cyber Recovery