A recent survey noted that 80% of businesses that pay ransoms suffer another attack. Cybereason’s report also shows that almost half of ransomware victims ended up with some or all of their data corrupted. In the wake of the Kaseya attack, it’s more important than ever to make sure your systems are secure.
Security professionals generally recommend against paying attackers. Ideally, businesses will have robust backup and disaster recovery solutions in place. Those that don’t may choose to pay in hopes of getting back to work quickly. However, this survey proves that there is no guarantee of success. If some data is recovered but critical portions are not, the price may not have been worth it. Worse still would be getting up and running again, only to be hit with ransomware a second time. 46% of those attacked twice believe it was the same hackers as before.
66% of attacked organizations suffered a major revenue loss, while 53% noted a reputation hit. While 51% got their data back without any loss, 3% reported not getting any encrypted data back. Almost three-quarters of respondents claimed to have policies in place to deal with ransomware attacks.
The recent high-profile attack affected “fewer than 60” of Kaseya’s customers, but around 30 of those were Managed Services Providers (MSPs). Over 1,000 of those MSPs’ customers, including Swedish grocery chain the Coop and some schools in New Zealand, were then hit with REvil ransomware code on July 2nd. While on a smaller scale, this is similar to last year’s SolarWinds hack and demonstrates that no one is immune. Anyone who uses an Internet-connected device must be confident in that device’s security.
The initial ransomware demand to restore all affected businesses’ data? A staggering $70 million, a “discount” on the $45K or so asked per system, making it the largest such attack so far. It is crystal clear that businesses, including healthcare organizations and providers, must take precautions to safeguard their systems as well as their finances. Finding a reliable MSP and ensuring a disaster recovery plan is in place is more vital than ever.