What is Ransomware, and how to deal with it?

Ransomware is a type of malware that encrypts the systems it infects, usually after siphoning off a copy of the data to sell on the dark web. The cybercriminals behind these attacks issue a ransom demand to affected organisations, promising to provide a decrypt tool or code if they pay the ransom. It's difficult to get accurate figures as many organisations hit by ransomware don't talk about it publicly. But surveys of the available data show that 40% of those that pay the ransom never get a valid decrypt tool. And that 73% of those that pay also get hit by further ransomware attacks down the line.

Unfortunately, we have seen a rapid rise in the number and sophistication of ransomware attacks in recent years. This is due to a high success rate and significant financial returns for cybercriminals.

The implications of a successful ransomware attack on a business or other organisation can be catastrophic. In some cases, if there has been no planning for such an attack the event can be terminal, and the organisation will not recover from the disruption. The damage comes on three fronts:

·??????????Financial - the financial implications of a ransomware attack are substantial and rising rapidly. The Sophos State of Ransomware Report 2021 shows that the average cost to deal with an attack in 2020 was $761,106, and in 2021 it rose to $1.85 million. These are the costs for everything associated with the attack - paying the ransom, dealing with disruption, operational downtime, staff overtime to recover, and more. For just the payment of the ransom, Sophos report an average of $170,404. Could your organisation pay these sorts of figures and survive?

·??????????Reputational - in addition to the financial hit that a ransomware attack brings, there will also be reputational damage if client data is stolen and leaked before the encryption step of the attack. There will also be damage to trust in your organisation when other businesses are looking to find business partners. If you are a managed service provider, then allowing ransomware to jump from your systems to the client's IT will be particularly bad. As Kaseya are discovering via the supply chain attack that has impacted thousands of their downstream clients.

·??????????Operational - ransomware makes IT unusable. Most modern businesses rely on their IT to function. Whether it's PCs controlling manufacturing processes, knowledge workers doing digital tasks, or healthcare providers controlling diagnostic and treatment machines and accessing patient records. Losing IT means losing the ability to operate normally.

?

Protecting your Business from Ransomware

Protecting against ransomware is crucial. Taking steps now to put protections in place and having plans to recover afterwards must be a core part of business planning operations.

Guarding against ransomware and other cyber threats is a specialised task requiring cybersecurity professionals who focus on it entirely. The threat landscape is constantly changing, and to keep up with the attackers is a full-time job. Or even more than a full-time job, as many cybersecurity experts will attest!

The good news is that organisations don't have to have these full-time cybersecurity professionals on staff. They can use dedicated cybersecurity managed service providers to supply the expertise and remove the burden of training and staff retention. One such expert provider is FraudWatch International. Renaissance partners with FraudWatch in Ireland to deliver their range of cybersecurity solutions in the market.

FraudWatch's Ransomware Protection Services can detect and disable known and emerging variants. They stop attackers in their tracks and then work with you to make sure your systems are clean. See their Malware Protection & Detection Services landing page for more information.

Learn More

Renaissance and Fraudwatch can help protect you and your clients against the destructive impacts of ransomware and other malware threats.?Contact us?today to find out more, and see our?July ransomware focused?micro-site for lots more info on ransomware protection.