Imagine you have just arrived at the office and you go through your usual routine: Sit down at your desk, log into your computer, and prepare to start the day.
Then something happens that is never a part of anyone’s daily routine.
A message comes across the screen saying, “Your network has been penetrated. All files on each computer in the network have been encrypted with a strong algorithm. Your backups have either been encrypted or deleted. No decryption software is available. To decrypt your files, contact us with your payment ready. No system is safe.”
While that may seem like something out of a Hollywood film, that message is from the Ryuk ransomware strain, one of several varieties that ran amok in 2019 that cost American companies more than $75 billion in lost business and recovery costs.
And 2019 was particularly bad for these types of attacks. You may have seen headlines involving companies and municipalities like Baltimore, and New Bedford, MA, and others that were severely impacted. For example, Norsk Hydro faced a crippling attack that brought their business to a halt with an estimated loss of $71 million. The City of Baltimore was crippled by the Robinhood variant with the malware shutting down all key systems for an extended period, bringing all city services to a halt for weeks. The estimated price tag to recover from that attack: $18 million.
Ransomware became a mainstream threat in the early 2010s. It steadily grew relative to other cybersecurity threats and shows no signs of slowing down as we head into 2020.
Organizations looking to prevent an attack should focus on these preventative measures:
For more information about how DGC’s IT Risk Assurance & Advisory Team can help protect your organization from Ransomware threats, contact a member of your client service team or Nick DeLena, CISSP, CISA, CRISC at 781-937-5191 / firstname.lastname@example.org.