Can a cyber attack force you to go out of business? Ransomware attacks are causing small business targets of these attacks to close their doors, even after they paid the attackers for the decryption key. The financial losses and impacts of the attack are just not survivable for some businesses..
In 2019, we saw a dramatic increase in both the number of ransomware attacks, the focused targeting of victims, and the size of the ransom demands. This year is expected to continue these trends. The good news is, that for those organizations who had a computer incident response plan in place and a computer incident response team trained and ready, like Texas did, we able to limit the destruction and recover quickly. Then there were other examples, such as the City of Baltimore, who did nothing to prepare and almost everything they did do was a bad idea. In the end both of these organizations had major unbudgeted expenses to deal with.
Many smaller companies did not fare so well. And for some of them, the damages caused by the ransomware attack was insurmountable, and forced the business to close.
- A telemarketing firm in Sherwood, Arkansas had to close their doors and lay off 300 employees just before Christmas, due to losses suffered during a ransomware attack that happened two moths earlier.
- A two-doctor hearing center in Battle Creek, Michigan suffered a similar fate in March 2019.
- Wood Ranch Medical in California was attacked in August, and both their primary data stores and backup were encrypted. They closed doors in December 2019.
There are reasonably low-cost products that are designed to detect an encryption attack, stop its progress, and alert the IT staff about the attack. Some end-point anti-malware products do reasonably good job of stopping these types of attacks and others as well. If you own a small business, you might want to have your IT staff or support company look into these options and make a recommendation that you can afford.
More information:
Share
FEB
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com