Ransomware might not be much of a concern to you, but it could be to your employer or other top performers in your company/firm. Most people don’t realize that nearly 50% of organizations had at least one instance of ransomware or an attempted cyber attack in 2017, as reported by Sophos.
Most of these instances were caused by users falling victim to social engineering, weak passwords, or intelligent scans performed against the organization. As reported by the RTD in 2017, Monticello even came under attack for several days, paralyzing most of their systems. And I am here thinking… wow… Monticello, really?! You see other reports coming from NBC 12 about phone ransomware, and from the Richmond Free Press about attacks at Richmond’s City Hall, and you wonder (as I look over to see my cell phone ringing “scam likely”) just who is safe, and… these can’t be the only ones that have been reported?
Honestly, most banking and financial institutions have incident responses in place, so even if there is a ransomware attack, if they can isolate it and decide that a certain percentage of data was in fact not breached or going to be used for damaging purposes (a minimal/low threat), they don’t even have to report it. (So you might not even know!)
The thing is, this kind of malicious software is dangerous for all users because it comes from cryptovirology. The main problem with ransomware is the threat of disclosure or blocking of personal data if a ransom is not paid. However, there are cases when the data is still inaccessible or published even after paying the money. (So most places don’t pay it!)
On average, the loss of 1 stolen record costs $141. In addition, that same stolen information often appears on the Dark Web and is sold there for $1-$2500.
How much is your data worth to you? How much is your data worth to your employer? Do you have an Incident Management or Cyber Security Handbook? What about policies that cover social engineering, personal device use, and strong passwords? Multi-factor authentication? I won’t bore you with geo-filtering, or port scanning, or penetration testing, but these are all things companies should be performing to protect their employees, customers, and end-users. In the past, I have been to some places that don’t even have firewalls in place. Talk about SCARY!
In a previous article, I mentioned how you could get a new identity for $1000 – potentially, that is what you’re worth on the dark web. But it seems most kudos are coming from global partners versus those here in the States and here locally, almost as if “we don’t have time for malware/ransomware.” With increasing threats of these types of attacks and malware, you will eventually have to make time and spend an awful lot of money in recovery if you are not prepared.
There are lots of good “preparedness tools” and “best practices” that I am more than happy to share with corporations and their proprietors, as well as helping with internal audits. It’s always best to invest in your company’s resources and its people, to educate them at home and in the office as well. (Oftentimes, these get you discounts on your insurance.)
Maybe you are asking yourself now… “Is there cybersecurity insurance?” – The answer is YES, and I will cover more on that topic in the weeks to come.
I provide CIO and IT Support Services alongside a mid-sized technical support team of engineers for business. Bastionpoint Technology is a managed service provider for businesses ranging from 1-500 users! We specialize in Legal, Medical, and Professional services, but support so much more: Retail, Finance, Healthcare, Manufacturing, and Non-Profits, and you’ve certainly heard of our clients. We offer unlimited on-demand services, with an on-demand price point to meet every client’s needs. Just call on us – we put your business first!