The seemingly endless assault on our privacy, our businesses and our government continues to increase, with 2019 setting new records for the number of cyber attacks and the costs of recovery skyrocketing more than 300% over 2018.
A favorite target in 2019 was public entities, particularly smaller cities where IT security is more likely to be less than ideal and the need to restore essential government services is urgent and pressing.
Despite recommendations from the FBI not to pay ransom, 17% of the nearly 100 cities affected in 2019 did make a payment, usually in bitcoin, in order to regain access to their computer systems. Municipalities are caught in a bind between public and media pressure to a problem that could affect thousands of individuals and the distasteful prospect of making a payment that only encourages bad actors to continue their practice.
The alternatives to not paying can be daunting: In May, Baltimore suffered an attack with the hackers demanding $76,000. The city refused to pay and to date has spent more than $18 million in both direct and indirect costs associated with the attack. Atlanta fared no better – by refusing to pay $52,000 in bitcoin Atlanta has estimated the costs of recovery and lost business will exceed $17 million.
Regardless of target – public entity, private or public business, the best way to avoid ransomware is through planning and preparation. Investment in IT security tools before an incident occurs is the most basic and obvious strategy. And even a cursory review of stats associated with ransomware make it plain what your strategy should be.
The following observations should be considered in the context of your own operations:
Ransomware shows no sign of abatement. Rather, as these attacks are rewarded by willing payers the likelihood of their popularity is assured. Risk managers need to refine their approaches to this dilemma and mitigate risk exposure through greater planning and vigilance in all aspects of their technical infrastructure protocols.