Ransomware is still one of the most prolific and damaging types of breach affecting small businesses today.  Statistics show that ransomware accounts for between 20% and 30% of all breaches, but it can be the most disruptive type of breach that an organization can face.

Effects of a ransomware breach could include:

  • Lost productivity
  • Lost data
  • Reputation damage
  • Fines
  • Financial payments

While the best defense against this type of attack is a good offense, if you do suffer a ransomware attack, the decision to pay or not to pay is an individual business decision.  One key factor in this decision is whether you have solid, working backups of your data that have not also been affected by the ransomware.  Without good backups, as much as you would like to avoid the ransom payment, you may not have a choice.  If all your organization’s data is lost, it is likely that you will struggle to stay in business at all.

The ransom payment may not be your biggest concern at this point.  The people asking for the ransom are criminals and may not have the best integrity, so you could make the ransom payment and still not get your data back.  And even if you do regain access to your data, there is no guarantee that they will not go on to sell it on the dark web, since they likely exfiltrated your data before triggering the ransomware code.  It truly can be a lose/lose situation for you if you have been infected by ransomware.

The best way to avoid being in this situation is to employ a complete defense-in-depth security program.  A program like this would include at a minimum:

  • A comprehensive backup disaster and recovery (BCDR) program which is regularly monitored and tested
  • 24/7/365 threat monitoring which could detect the breach early and prevent it from compromising your entire network
  • A regular employee awareness program to help employees recognize malicious threats before acting on them
  • Tools which will allow you to isolate malicious code as soon as it is recognized

By playing offense, you can significantly reduce your risk of falling victim to a ransomware attack.  The best approach is to be prepared so you can avoid paying the ransom, which perpetuates the problem and funds threat actors.