Suppose your business falls victim to a ransomware attack. Your files are encrypted and your staff can’t access them. Because of the attack, your staff cannot do their tasks and your revenue is effectively put on hold. The culprits offer to unlock your data if you pay several thousand dollars as ransom. Should you take the perpetrators’ proposal and pay for the ransomware?
Considering how ransomware is currently one of the most reported cyberthreats within and outside the United States, this question has likely crossed many a business owner’s mind. Some end up paying, but experts say you should hold on to your money instead.
Why should you not pay for ransomware?
The answer is simple: you don’t want to play right into cybercriminals’ trap. Bear in mind that hackers launch ransomware attacks because they want your money. By paying up, you:
#1. Encourage the perpetrators
Paying up proves that the hackers’ schemes work and that they can score more by attacking other businesses or by attacking you again. Imagine adding fuel to an isolated flame and turning it into a wildfire.
What’s worse, paying up won’t solve the problem once and for all. Hackers can feed the dark web economy by using your money to hire new people, upgrade their hardware and software, and launch another, more formidable attack against legitimate businesses like yours, expecting the same results.
#2. Make yourself a target for others
Most hackers want the most gains for the least amount of effort. This is why many hackers look for a target with vulnerabilities in its system and a reputation of paying the ransom. In fact, a report found that businesses that paid the ransom ended up being targeted again by other ransomware attacks 73 percent of the time.
#3. Increase your cyber insurance costs
Cyber insurance is a type of insurance designed to protect individuals and businesses from internet-based risks, including data breaches and cyberattacks. The specific costs covered may differ among providers, but policies usually cover investigation costs, legal expenses, and losses from downtime and reputation damage.
Keep in mind that insurance companies don’t like losing money, so they aren’t always the most enthusiastic about paying claims. Because of this, they usually assign higher cyber insurance premiums for companies with a high risk of experiencing data breaches or falling victim to ransomware attacks.
As far as insurance companies are concerned, paying the ransom makes you very risky and pricey to cover. After all, you not only lost money by cooperating with cybercriminals, but you also made your business a popular target for future ransomware attacks.
#4. Are not guaranteed to get your data back
Paying the ransom doesn’t even ensure that you’ll regain access to your data. Of the companies in the US that paid hackers in 2018, only 26 percent had their files successfully unlocked.
What should you do instead of paying up?
Even when it comes to ransomware, prevention is more cost-effective than cure. You’ll save more money by taking steps to reduce the risk of ransomware infection than paying the ransom. The good news is that protecting your system doesn’t have to be difficult or expensive. Here are three simple ways to prevent a ransomware attack:
- Update the operating system (OS) on your work devices. These include desktop computers, laptops, smartphones, and tablets your employees use to access files or do their tasks. Regular updates ensure that devices are equipped with the latest protection against cyberthreats.
- Educate your staff on best practices for handling emails, especially those from senders they do not know. Ransomware usually spreads through phishing emails, so raising awareness is a great way to minimize the risk of your system getting infected.
- Keep backups of your data, preferably in cloud-based and offline storage. This ensures that you have continuous access to crucial business files even during a ransomware attack. You won’t suffer downtime and you’d continue serving your customers as you work to get your system back up and running.
Truth be told, there is no way to prevent 100 percent of ransomware attacks from affecting your business. Considering how commonplace the threat is, the question is no longer whether or not an attack will hit your business, but when it will happen. As a business owner, the logical thing to do is to prepare as best as you can.
Tech Squared can help you with that. Our team has been helping businesses in Virginia fight some of the most common cyberthreats today, including phishing and ransomware. To get you started on boosting your business’s cybersecurity, download this eBook today!
More Than Just Tech Support