You turn on your computer and find a notice that all your files have been encrypted and will be destroyed unless you pay a ransom. There’s a clock ticking down the seconds. Your files are being held hostage and so is your organization. Paying ransom is the least of your worries; the biggest cost to your business will be the downtime, data recovery costs, reduced customer satisfaction and lost sales. There’s no better example than Hollywood Presbyterian Medical Center, which was a victim of ransomware in February. They paid $17,000 in bitcoin, and also suffered 10 days of downtime; with unwanted media attention and its staff resorting back to pen and paper. The true cost of a ransomware infection goes beyond the actual ransom.
The FBI reported a loss of 24 million to ransomware attacks last year, and that number is likely underestimated due to victims’ unwillingness to reveal when they’ve been hit. Four months into this year and ransomware is exploding and growing in complexity. It’s no longer just targeting individuals and small businesses, but also larger companies and spreading within corporate networks. Victims often have these things in common: they hold critical information and infrastructure; they have immature and vulnerable security programs and they have the ability to pay the ransom. Most organizations believe their signature based security tools or traditional sandboxing solutions will protect them from these attacks, but the attacks methods continuously evolve. Test your systems at malwaretest.brite.com.
Cybercriminals are running their organization like any business would, refining their business model and testing the market with every attack. Hackers are even borrowing customer service tactics, with call centers and technical support, to guide victims on how to pay up and get their files back. They’re streamlining the payment process, making it user friendly and reaping the benefits. It’s a lucrative business. It’s important to note that downtime occurs even when the ransom is paid. Infected computers must be wiped and restored and that takes time…and time equals money.
Check Point SandBlast provides enterprises with a multi-faceted prevention strategy that combines proactive protection that eliminates threats before they reach users, and state-of-the-art CPU-level exploit detection to expose even the most highly camouflaged threats. Every effort is made to prevent attacks, but if an infection occurs SandBlast detects and contains the infection and gives your security team the tools to effectively respond and remediate. There is business continuity during an outbreak and downtime is eliminated. Checkpoint’s management system provides end-to-end visibility that enables customers to react quickly to any events affecting their network and also enables them to better prevent threats. As ransomware grows, it’s increasingly likely that your business will get hit; the clock is ticking, click here to find out more about Check Point SandBlast.