CNN: "Crippling ransomware attacks targeting US cities on the rise" -- “Targeted ransomware attacks on local US government entities -- cities, police stations, and schools -- are on the rise, costing localities millions as some pay off the perpetrators in an effort to untangle themselves and restore vital systems.”
A local municipal service fell victim to ransomware last week. The organization reached out to Network Solutions, Inc. (NSI) for help when they became aware that their network had been breached by ransomware with a demand for twelve bitcoins (approximately $151, 386).
NSI Security experts recommended against paying the ransom and quickly mobilized a team to re-image the servers and workstations. NSI was able to re-image the hardware and use backup snapshots to minimize data loss.
The ransomware attack is suspected to have originated somewhere in Asia. In the process of bringing the systems back online, it was apparent that the attack may have been prevented.
By reaching out to NSI and rebuilding rather than paying the ransom, the victim organization spent a fraction of the cost of the ransom to regain control of their network and get back online.
The cost was inexpensive in comparison to the ransom, but unexpected costs are always painful to bear.
The moral of the story, as is always the case with data and network security, is that an ounce of prevention is worth a pound of cure.
Leveraging defense in depth using Cisco AMP for Endpoints, Cisco Umbrella, and Cisco Cloud Email Security will significantly mitigate the risk of ransomware attack.
When budgeting for security, organizations need to consider more than just the loss of valuable, proprietary data. The potential costs in unexpected remediation expenses, reputation damage, and stress should all be factored in and assigned an appropriate value.