Has your organization been a target of ransomware? Did you pay the ransom? If so, did you get all your data back? Whenever an organization becomes a victim of a ransomware attack, paying the malicious attackers may seem like the only hope, especially for companies that don’t have proper backup procedures in place. Unfortunately, statistics are showing us that paying the ransom guarantees little in return. Here are some key data points collected from a large sample size of mid-sized organizations spread across the globe.
- In 2021, 37% of organizations have experienced some type of ransomware attack.
- The average costs of remediating against a ransomware attack grew in 2021 to $1.85 million.
- The average cost of paying the ransom grew to $170,000.
- 32% of the organizations affected by a ransomware attacks decided to pay the malicious actors.
- ONLY 8% WERE ABLE TO DECRYPT AND RECOVER ALL THEIR DATA AFTER PAYING THE RANSOM!
The last point truly brings reality into check. Paying the ransom rarely pays off. This can be attributed to many factors, but the overwhelming majority of organizations say that they received the ransom key after payment, but were unable to use it in an effective manner. This can be linked to poorly coded malware and IT teams with limited experience.
What Can You Do?
It is extremely important for organizations to take proper precautions to protect themselves against the increasing threat of ransomware.
- Perform monthly or quarterly vulnerability scans against your external perimeter and internal networks to stay up to date with the latest vulnerabilities that could give an attacker their initial foothold.
- Perform annual penetration testing to protect against advanced techniques that may allow an attacker to pivot once they have a foothold.
- Create effective Incident Response policies and procedures.
- Conduct tabletop exercises to validate and identify gaps in your Incident Response Plan.
- Perform consistent security awareness training with employees to limit the chance of successful social engineering and phishing attacks.
- Have proper onsite and offsite backup policies and procedures in place. If you fall victim to ransomware, you may be able to recover from backup, with limited, if any data loss, and not rely on paying a large sum of money for an 8% chance of getting your data back.
When it comes to protecting your organization’s critical data, it’s time to get serious. nGuard is ready and willing to discuss all these preventative solutions with you and your team.