What do the US Coast Guard, The City of Johannesburg and technology company Garmin have in common? They have all recently been victims of high-profile ransomware attacks, which can be extremely costly.
In 2017, pharmaceutical giant Merck was at the centre of an attack that shut down 30 000 company laptops and 7500 servers, bringing the company to a total standstill for nearly two weeks. The final cost of the incident? An estimated $870 million.
Worryingly, this global cybersecurity threat is already at home on South African soil. In late 2019, the City of Johannesburg was held ransom for over R500 000 as it found itself the victim of a series of repeated attack which ultimately led the municipality to shut down their website and billing system to ensure the software did not spread. Ransomware can attack any device, server, network, and organisation – and it’s becoming increasingly common.
The reason why ransomware is such a serious threat is two-fold: firstly, it is easy for users to overlook, and secondly, because it is equally devastating on single devices and complex networks – and with remote working becoming increasingly essential, the risk is multiplying.
Anything from visiting a website that’s not secure to opening an attachment can install ransomware software on a single device, and if the necessary precautions are not in place, it can easily spread across the entire network.
The end result? You may not be able to access your system while sensitive data and files are destroyed or stolen, leaving you with little choice but to pay whatever the cybercriminals demand to release the decryption key you need to get your precious systems up and running again. But what’s to stop them attacking you again, or simply switching on the software – which can be hidden in your network despite recovery efforts – whenever they want?
Although the ransom amount is dictated by the attacker – most ask for payment in Bitcoin to avoid being traced through the banking system – it is often the secondary cost of ransomware that ruins a business.
With businesses often unable to operate for days on end, and forced to spend months recovering damaged or deleted data files, the ransom itself is often less than the cost of working time lost – which may be why many businesses choose to pay up.
However, payment is no guarantee that access will be restored, nor does it mean that the ransomware software is removed from the network.
Then there is the reputational damage to consider. As consumers and governments alike become increasingly protective of personal information, a breach of this kind – where user data is potentially exposed – can ruin any organisation’s reputation for good.
In an economy where the majority of businesses are struggling to bounce back from the ongoing impact of lockdown restrictions, any loss, whether it’s financial or reputational, is simply not worth the risk.
Protection against ever-evolving ransomware software has become an essential investment.
Although a strict cycle of system and software updates and thorough staff training on phishing are a must, keeping a growing network of devices secure from ransomware means implementing security protocols at every point of the network.
One of the most essential tools is a Firewall – a barrier in your network that decides which web traffic is safe and reduces the risk of drive-by downloading by restricting unusual traffic and blocking unsafe sites.
Next, you need to ensure that your network has both end-point and ransomware protection – software that detects ransomware software and prevents it being downloaded on the devices themselves.
And lastly, you need a cloud or off-site backup setup that exists outside of your network – because there’s no point storing data on a server that is linked to a device that’s one wrong click away from being infected.
Ransomware is real, and it is on the rise – but by investing in a thorough package of solutions – like those from Network Platforms – you can protect your network. Contact us today to find out how best to protect your business.