In a perfect world, every business would have the time and resources to implement the best possible cybersecurity solution, but alas! There tend to be budgetary constraints or other operational hurdles to jump over for organizations of all sizes.
Unfortunately, this means that organizations are susceptible to cyber attacks like ransomware. Ransomware is a type of malware that locks the victim out of their own data by encrypting it and demands a ransom be paid for access to the data. These attacks can devastate businesses, especially when they hold sensitive or confidential information.
When two of our clients were hit with ransomware, Exact IT responded quickly and in the best interest of our clients. In an ideal world, these organizations would have been able to implement our recommended security approaches. However, budget constraints hit all companies at some point in their existence. Take a look at what happened in each example.
One Phony Email Causes a Scramble
When another organization and its 125 employees were hit with ransomware, it caused a panic.
Prior to the cyber attack, we offered words of warning concerning their usernames and passwords. We suggested changing the generic usernames they were employing, such as “adminadmin,” and we also urged them to update their password complexity. All of their users also had installation rights, meaning once the hacker got access, they could install any program they chose.
The hacker sent an employee a malicious email that, when clicked, allowed access to that particular computer. Then the ease of access through generic usernames and passwords meant they could also infect the shared drives with more than 30 computers and five servers. One click was all it took to let in a cybercriminal.
The hacker then locked the organization out and encrypted all their data, including the software they used to bill their clients. We determined that the best course of action, in this case, was to pay the ransom so they could get back up and running as quickly as possible. Fortunately, we were able to restore their data without any ill-effect.
To ensure they won’t get hacked again, our consultants helped the organization implement stricter security processes that disable user rights to certain access points. Not everyone needs to have administrator-level permissions.
We also enrolled them in email spam training through Knowbe4 to educate employees on how to detect a phony email. They sent out fake emails to see which team members were clicking links without verifying their source or authenticity. If a team member fell for the phishing scam, they could receive further cybersecurity education.
Hindsight is 20/20
In our second example, a small company backed up its data locally through a shared drive. Unfortunately for them, the type of ransomware they were hit with targets servers with Shadow Copy backups on them, an automatic local backup.
This particular ransomware attacks these copies of data so that you can’t use them to avoid paying the ransom, which in this case was $200,000. Because the data that was backed up before the encryption was gone, the organization had no recent backups to restore. Instead, our consultants had to use months-old data and build it up from scratch.
We also needed to sideline the infected servers by turning them off, removing any internet access, and rebuilding the network.
Previously, our consultants told them the best course of action would be to implement a two-tier backup system, locally and in the cloud. Unfortunately, they didn’t have the budgetary resources to do so. The cost of the necessary software and hardware for the backup we recommended would have been $30,000. However, the whole ordeal ended up costing them $100,000 to get everything back up and running, including $35,000 a day in downtime costs.
After the ransomware attack, they did implement the two-tier backup system. It was a hard lesson to learn, but hopefully one they will take with them in the future.
While the most advanced data security will help keep your organization safe, sometimes all it comes down to is education. Do you and your employees understand the risks and pitfalls of the information your organization carries? Do you understand the disaster that could occur if your company is hit with ransomware?
“I feel like someone broke into my house while I was sleeping,” said one of our ransomware victims.
When those of us in IT make or request a new course of action, most people groan and complain about the time and effort it will take to implement the changes. However, we can almost guarantee that these much-required changes are worth going through to save you time, money, and potentially your business.
Interested in making your organization more secure?
Fill out our Security Survey to receive a security assessment from our in-house expert. It only takes 2 minutes to complete.