If your business falls victim to a cyberattack, why it likely won’t be the last
If your business gets infected with malware—some of the nasty ransomware that has been circulating around businesses throughout the Philadelphia metro (and all over the United States)—you are a prime target for more attacks!
The thing about cybercrime is that these criminals aren’t simply run-of-the-mill thieves: they plan before they attack, change their strategies if something doesn’t work, and use any data they have on you to their advantage.
And one of the things hackers are starting to look at is whether you or your business has already fallen victim to an attack. In fact, if you peruse the Dark Web (you can think of this like the Google for cybercriminals), you’ll find lists of businesses that have fallen for phishing scams, have had their networks penetrated through unpatched or outdated operating systems and software, or have overlooked other glaring security vulnerabilities on their network, allowing cybercriminals free rein over their data and systems.
[Note: If you need a quick refresher on how to patch, see my recent discussion, and if you’ve been on vacation or have been avoiding the news, here is a briefer on one of the latest very potent ransomware attacks striking businesses of all shapes and sizes.]
Be Forewarned: Lightning WILL strike twice when it comes to cybercrime!
But one of the biggest concerns amongst security experts is that cybercriminals are re-attacking businesses that had fallen victim to ANY form of cyberattack. Why not try to get some more money from a seemingly easy target instead of hunting down new targets? Cybercriminals are smart, efficient and will do anything it takes to drain your bank accounts dry.
Today I want to take a few moments to discuss why, especially in the current cyber threat landscape, it’s more important than ever to protect your networks against cyberattacks. Whether you’ve been a recent victim of cybercrime or are still thinking that a ransom attack could “never happen to me”, you need to make sure you’re keeping your network safe so that ransomware doesn’t strike your network twice.
New report reveals those attacked once will experience further attacks
A recent report by Sophos revealed that victims of ransom attacks are very likely to experience future attacks on their networks within the year. The report reaffirms that businesses are especially vulnerable to multiple attacks (though healthcare may be one of the biggest targets).
Just to boil things down for you, here are the stats on double-attacks in 2017:
54% of businesses were the victims of more than one ransom attack. Reaffirming that cybercriminals are refocusing on previous victims, security experts are warning that over half of businesses attacked in a year will fall victim to additional attacks.
Why is this?
What we’ve learned is that it’s hard to retrain IT departments or IT staff members who aren’t used to following security standards (patching and updating computers on a regular basis, backing up networks and testing those backups, devising and testing business continuity plans that include cyberattacks as a form of disaster), and that such teams are prone to reinfections.
The fact is that when your IT Support team doesn’t embody security or doesn’t try to leverage security infrastructure, things simply fall apart. You may think your IT Support team is protecting you (they might think so too), but the reality won’t strike until you become the victim of a ransom attack (or attacks).
More than 85% of owners of businesses infected with ransomware thought their networks were secure and their data properly backed up until it was too late. If you are worried that you’ve had a ransom or malware attack on your network, here is a refresher on the steps your business should take to remediate a cyberattack.
And what’s even worse?
Recent cyberattacks have not only ransomed your data but also threatened to publish ALL of your sensitive data on the web if you don’t pay up. Experts are warning of a new trend in cybercrime, commonly known in the security field as doxxing, where hackers actually publish your sensitive files (patient records, social security numbers, bank records) online if you choose not to shell out the ransom money. They’ve got nothing to lose. If you aren’t going to shell out the $33,000 (going rate for a small attack) to get your data back, why not just publish it for everyone (including other scammers) to see and exploit?
What does the typical ransomware cost you?
Of 2017 victims, the average attack amounted to over $133,000. Once attacked, you have to think about all of the hurdles involved in recovery: paying a ransom (which is NOT a good solution, but is often the easiest or only available option), weeks of employee downtime, legal fees, remediation costs, and rectification costs. Not cheap by any means!
How to avoid this? Security experts recommend evaluating your network through a network security assessment.