What do you if someone manages to encrypt your data? That’s the question that the Kansas Heart Hospital in Wichita had to answer. Someone hacked their systems and started to encrypt their data. They decided to pay the ransom.
That’s when they had to face reality. Fortunately, the hospital had a Plan B, and the ability to put it in action.
“Thieves’ Honor” doesn’t exist. The hackers took the money, but . . . they asked for more money.
They shut down negotiations (and blocked the encryption agent). And then they restored their backups.
Of course, you take measures to protect your data. You have a firewall and anti-virus. You do user training. And so, you think, you are safe. No one is going to be able to hold your data hostage. That’s the theory. But are you willing to gamble with your survival of your organization?
That question is neither hyperbole nor theoretical. Data breaches are shockingly common. And, it’s not just the big companies that get hit. According to one study in the last year, 85% percent of companies with les that 1,000 employees had been hacked at least once. Kaspersky Lab says that approximately 51,050 business computers got attacked by crypto type viruses in 2015.
So, the chances of being hit by something are high. Then what? As the old saying goes “Luck is not a strategy.” Comprehensive and secure backups are. If you have good backups you can walk away from a negotiation with a bad actor. You can even decline to negotiate at all.