"Monetizing spamware or stolen data requires more time and expertise than ransomware and involves higher risks of being detected by law enforcement. In addition, the rise of anonymous cryptocurrency, such as Bitcoin, has made it easier than ever for attackers to infect a machine with ransomware. The success of ransomware has made it possible for cyber criminals to make hundreds or thousands of dollars per infection, and they get paid immediately."Given the growing profitability of RaaS, we can't expect ransomware attacks to subside in the near future. Organizations must brace themselves for that likelihood by preparing for a potential ransomware infection. Specifically, companies should review their disaster recovery program and determine whether they can rely on backups in the event of a ransomware attack. Smith explains further:
"For many organizations, ransom decisions come down to the most cost effective plan of action. If systems and data can be restored quickly from backup with minimal data loss, then not paying a ransom demand is a viable option. However, in order to be confident enough to ignore ransom demands, IT teams need to continually test backups to ensure all critical business data is being captured and that the backups are viable."Backups might protect an organization's critical data, but restoring from a backup presents its own challenges. Above all, data restoration takes time, which more than likely means service interruptions for critical business systems. As a result, if organizations are to protect themselves against losses in productivity following a ransomware infection, they must plan out every step of the backup process to make sure the business gets back up and running as soon as possible. Smith couldn't agree more with this point.
"Organizations have to take the next step and verify they can restore critical business systems quickly to minimize downtime and service interruptions. For most security teams, this means they will need to practice – a process that takes both time and resources. However, this investment can pay significant dividends in the event of a ransomware infection. Planning and testing a streamlined backup process can reduce the cost and risk associated with restoring data. If organizations make these investments, ransom demands can become irrelevant."For information on how organizations can mitigate the risks of and respond to a ransomware infection, please click here. Additional information pertaining to the threat of ransomware can be found here.