According to Kaspersky, a company is hit by ransomware every 40 seconds. There’s a lot that goes into handling a ransomware cyberattack, not the least of which is, “Should we pay?” While IT implements the security incident response plan, Senior Management weighs the dilemma of how to respond to the demand for money. The FBI, DOJ, and CIA say don’t pay up – here are a couple of reasons:
- Experience shows that if you pay once, you’re likely to get hit again as a willing victim. Criminals return to the source.
- One in five small and medium-sized businesses that paid the ransom never got their data back.
Remember: These are criminals. As an IBM security adviser asked, “Why should you trust them?” Good question. Rather, prepare for ransomware cyberattacks not only with prevention (proactive prevention is the best defense) in mind but also think about your response – what would you do if your systems did get shut down by ransomware? If you respond well, you may minimize the operational downtime, and if you’re a care provider, that’s crucial.
Image Credit: ITworld/Phil Johnson
How to Prepare for Ransomware
- - Educate your employees. Start training your employees to spot phishing emails with simulated phishing email campaigns. Ostendio partners with security awareness training companies to provide this service to our customers.
- - Configure firewalls to block access to known malicious IP addresses.
- - Have a patching schedule in place.
- - Ensure that your anti-virus and anti-malware software is up-to-date.
- - Categorize data based on sensitivity – some data is worth more than others.
- - Back up data regularly. We cannot emphasize the importance of this enough. Then, test your restoration process to ensure it’s working.
- - Create a culture of cybersecurity.
But when ransomware attacks happen, you must react instantly and with assurance.
Careful preparation needs to be part of basic business continuity planning and your security incident response plan. Regularly rehearse plans, and test bringing backups online, so there’s a smooth transition when it’s needed most.
If you use a third-party vendor for any part of your systems or data, check on their preparedness, too. How are they handling the security of your sensitive data? You may be on top of your own cybersecurity and data privacy practices, but if they’re not, you’re highly vulnerable.
You mitigate your own risk if your health technology vendor is proactively addressing theirs. Our clients can use MyVCM’s workflow management not only to reduce their own non-compliance risk but also their vendors’. You’ll find that the peace of mind that comes from transparency is invaluable.
So, should ransomware strike, report and respond. But keep your money where it belongs. Working for you, not criminals.