I have several bones to pick with these nefarious actors. My biggest gripe is that they cause pretty significant disruption in the lives of innocent people--and I'm not just talking about the disruption of services. There is a seeping distrust, anxiety and/or paranoia that occurs in the wake of these types of events. Have you ever googled "underground bunker"? These types of events feed that doomsday mentality.
My second gripe is that STUDENT LOANS ARE RIGHT THERE! Do some good in the world! Just kidding...kinda.
And my third gripe is that these actors now almost exclusively demand bitcoin when they levy these attacks. I totally understand why. It's a lot faster and more difficult to trace than a wire transfer of USD. So, again, I understand why it's the currency of choice. However, these bad actors are giving crypto opponents more ammunition and those of us in the good fight don't need the additional work.
The reality is that, regardless of which side of the crypto argument you fall on, this is going to be a problem for all of us going forward. So, aside from reminding employees not to open suspicious attachments, what can organizations do to prepare themselves for one of these hacks/attacks?
Obtain Cybersecurity Insurance
These types of attacks are becoming so commonplace that businesses across every sector are purchasing cybersecurity insurance. When a business' security is breached, there is a myriad of things that can happen and most of those things costs lots of money. From the ransom demanded by the attackers, to the cost of forensic investigations, to defending against litigation from customers/clients, to crisis PR management when sensitive information is made public. These attacks can be expensive and require a multitude of resources that many businesses simply do not have at the ready. Insurance can be the difference between a timely response with a manageable financial impact and reputational ruin with bankruptcy.
Invest in Upgrades
Schools, hospitals and public utility companies are frequent targets of cyberattacks because they have lots of sensitive personal and/or financial information and oftentimes have outdated systems and insufficient IT security resources. Software upgrades are oftentimes required by operating systems for a reason. Old versions have known security gaps that make for easy targets for exploitation. Many organizations argue that they cannot afford to make upgrades but the cost of upgrades will likely be less than the cost of a ransom. On top of that, in cases where the attacker obtains and threatens the release of private information, they oftentimes go on to release or sell some or all of that sensitive information after they've received payment. Upgrades may not completely eliminate the threat of cyberattacks but it certainly makes them more difficult and therefore less likely to occur.
Develop a Back-Up Plan
In cases where business information is encrypted by attackers, Forbes estimates that more than 90% of organizations that pay ransoms don't get all their data back even when they pay the ransom. (Hackers simply cannot be trusted.) Because of that, and because it is simply a best practice, businesses should make it a point to develop and implement a back-up strategy. There are multiple strategies that utilize a combination of onsite and offsite locations, and an IT or cybsecurity consultant can help determine which strategy is best for a given business. But backing up data is the key to ensuring that your business is able to continue operating when a hacker attacks. So back it up.
A satoshi of prevention is worth a bitcoin of cure.