What would you do—right now—if your computer screen locked up and a message appeared, “Your files and data have been encrypted with a strong military algorithm. You have 3 days to pay for our decoder to get your data back.” What if it wasn’t your personal computer at all, but a company computer? What if you owned the company?
In a recent BBC video, reporter Joe Tidy describes the bold response that Norsk Hydro of Sweden made to that kind of a ransomware attack. Rather than succumbing to the hackers’ demands, the 35,000 employees at the company switched over to paper-based operations for days and weeks until the computers could come back online. Salespeople had to work on the factory floor and finance staff made sandwiches, but production in the 170 plants worldwide continued almost unabated.
“I think in general it’s a very bad idea to pay,” Jo De Vliegher, a company spokesperson, told the BBC. “It fuels an industry. It’s probably financing other sorts of crimes.”
Much as we may admire Norsk Hydro’s strong response, the attack and its after-effects cost the company over 50 million dollars. Small wonder that ransomware attacks on businesses have increased by 500% in the past year, according to some sources, and that ransom demands can be in seven figures.
Pay or Perish?
Unfortunately, these circumstances leave some companies with little choice—it’s pay or perish. A survey conducted by Small Business Trends shows that 55% of all SMBs would pay the ransom. It is hard to blame them when another recent report shows that 60% of small companies that sustain a cyber attack go out of business within six months. On the other hand, experts point out that paying the ransom may not solve the problem, since the attacker still may not release the data, or may release part of it and demand more money for the rest.
A Better Solution
Of course, a better solution is to secure your system against ransomware attacks. For a company’s IT department, all of the standard security guidelines apply, as well as ensuring backups of any data needed to run the company. OT (Operations Technology) systems that are increasingly being accessed from outside need to pay special attention. Threats like ransomware attacks that may have seemed irrelevant to an air-gapped system years ago take center stage when OT gets connected to IT. Even with a VPN, any virus that can propagate within IT can make its way into OT.
Strong, closed firewalls are essential, and DMZs can be very useful. In this environment, Skkynet’s secure-by-design software and services allow companies to access their production data without compromising on security. Rather than waiting until after an attack has occurred, the easiest and most cost-effective way to deal with a ransomware attack is to prevent it from happening in the first place.