Redtree IT

Would you pay up if attacked with Ransomware?

May 27th 2022

By Matthew Phillips

If your business was held hostage by a Ransomware attack, would you consider paying?  This is a question every business should be asking themselves.

Not so they are ready to handover their hard earned cash but so they at least consider the effect such an attack could have on the business.

A Cardiff based company at the end of 2021 was faced with a ransomware issue. The hacker had tricked one of their staff into downloading a malicious file.

Unfortunately, technology and security was not something that was being taken seriously and the file ran with full access to all the data.  Before anyone

notices, all the data was encrypted.  It was still there, but the files were not accessible – none of them.

What would you do if you came into work one morning and all of your company data was gone?  For this Cardiff Based company all they could do was call around IT companies looking for help, and then wait. Luckily there were backups of the data, held in the cloud so recovery was possible, but this was complete luck as this scenario had not been considered in any Disaster Recovery plan.  Data was recovered and within a week of the outage and business was back to normal.

How would you have handled this situation?  Advice says to never pay the ransom, but if you didn’t have reliable backups what other option would you have.

The stress and damage to your reputation would be bad enough, but what about loss of earnings suffered by downtime.

The average length of time to recover fully from a ransomware attack in 2021 was 21 days.

Remember, if you pay the ransom, you are not guaranteed to then get your data back.  You are dealing with criminals and don’t have much leverage if they fail to keep up to their end of the deal.

So, what is the solution.  Well prevention is the best option, put the right security methods in place.

  • Human firewall – Teach your staff to be vigilant.
  • A commercial paid for next-gen antivirus.
  • Turn on multi factor authentication wherever you can.
  • All staff should have a password manage like Keeper or LastPass.
  • Keep your operating system and applications up to date.
  • Backup and test your backups.

There are other systems your IT provider can put in place as part of your Office 365 setup such as turning off any protocols you do not need and securing

administrative accounts. It’s also a good idea to have a disaster recovery plan in place, talk through different scenarios and see how you would get through them.

As always, if you would like to talk through any issue or concerns, why not give us a call.