Here are some pretty ugly numbers and a look into why I am so obsessed with helping people avoid infection. The sad part is, you can protect yourself pretty well with basic “security 101” stuff like segmenting the network, “least privilege” access, weapons-grade backups and quality awareness training/simulated phishing. You don’t need to burn money to protect yourself.
- 85 percent of those infected had systems forced offline for at least a week
- 1/3rd of cases resulted in data being inaccessible for a month or more
- 15 percent found that their data was completely unrecoverable
- 63 percent of orgs have no official ransomware policy in place
- About 50 percent of victims paid more than £3000 ($3700) in ransom
- SMBs usually paid between £500 ($621) and £1500 ($1864)
Those are pretty ugly numbers, folks. My company has a free Ransomware Hostage Rescue Manual that can help prepare for this, as well as a free ransomware simulator you can use to check your endpoint protection settings and capabilities. Please, for the love of all that is good in the world, do something to prepare for ransomware attacks. No matter the size of your company, you need to be ready. Not to sound like a sales pitch, but the KnowBe4 platform starts at only about a buck per month/per user and gives you unlimited training and phishing with a really easy-to-use platform, so things that can make a big difference (and they really do!) aren’t even that expensive.
Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army 2nd Regional Cyber Center-Western Hemisphere.