Throughout the last month, city governments have made headlines for the massive ransoms they have paid to cybercriminals after being infected with ransomware. Between two Florida cities, Riviera Beach and Lake City, $1.1 million of ransom was paid to decrypt their files. With that, we have one thing to tell them and everyone else: STOP PAYING THE RANSOM. Here is how to shut these criminals down: call WatchPoint right now to learn how CryptoStopper and WatchPoint Backup can save you from being faced with having to make this decision.
Excerpt from interview with Brian Hawkins - Former IT Manager of Lake City, Florida
WatchPoint Data: What made the city decide to pay the ransom?
Brian Hawkins: Timing was one aspect - how long do we wait to see if we can recover the data? Should we try and negotiate to recover our data? The city used its insurance firm to hire a third-party company to negotiate on the city's behalf. The negotiators used an email address associated with the ransom to contact the cybercriminals behind the attack. There was no actual initial ransom or deadline until the hackers were contacted by the company. Ultimately, the city paid 42 bitcoins, which is wroth around half a million dollars.
2019 Ransomware Statistics
In 2018, over 850 million ransomware infections were detected, an increase of over 97 percent throughout the last two years. It’s believed that a new organization falls victim to a ransomware attack every 14 seconds. This number is expected to reach 11 seconds by 2021. Phishing emails, the number one attack vector for ransomware, has increased 109 percent in 2019 alone. In a survey conducted by Pwnie Express, 50 percent of cybersecurity professionals do not believe their organization is prepared to repel a ransomware attack.
Do we have your attention yet?
What Happens When You Pay the Ransom?
For most cybercriminals, hacking is their full-time profession and believe us when we say this; they are cashing in. In 2018, over $8 billion in ransom was paid from ransomware attacks. Think back to Riviera Beach and Lake City who paid $600,000 and $500,000, respectively, last month. By infecting one victim, these cybercriminals made more in one day than most can imagine in several years. These figures alone are what keep hackers coming back for more.
STOP PAYING THE RANSOM!
A poll of nearly 1,200 cyber attack victims by CyberEdge Group showed nearly half of the organizations paid the ransom. However, only 27 percent recovered their files. Forty-four percent of organizations did not pay the ransom and still recovered their files. Why? Because they had proper backups that allowed them to wipe their computers clean of the ransomware and recover their files from their latest backup.
In the past, hackers were about 50/50 on whether they would give you the decryption key to recover your files if you paid the ransom. Essentially, they didn’t see a reason to give you the key when they already have your money. Lately, however, hackers have started providing the decryption keys, enticing individuals or businesses to pay the ransom, so, in the likely event that you are infected again, you will pay the ransom without question.
When, and only when, we start arming ourselves with the proper cybersecurity tools and STOP paying the ransom, will we start to see businesses have peace of mind. Ransomware and other forms of cybercrime are here to stay. The world is only becoming more technology-driven, and fortunately for you all, WatchPoint has CryptoStopper and WatchPoint Backup to provide the tools necessary to combat these cybercrimes.
Use a 1-2 punch to stop ransomware: CryptoStopper and WatchPoint Backup
CryptoStopper™ uses deception technology to detect ransomware. During the installation process, decoy files are strategically deployed. We call these Watcher Files. When ransomware begins the encryption process, CryptoStopper™ detects it in real-time and takes automated action to stop the attack and alert you to the event.
Antivirus and firewalls no longer provide the protection you need to save your network from a ransomware attack. Using deception technology and CryptoStopper is the only way to stop an actively running attack that has gotten past your traditional defenses.
Photo courtesy of IDG Connect