Be aware. If you are hit by a ransomware attack, you may have to pay a lot more than you expected.
Onsite Backups Are No Guarantee
Don't think that you are safe just because you have backups. Ransomware criminals know all about backups. Their malware can discover backup files on external hard drives, network drives and even NAS boxes if you don't take precautions.
Cloud backups provide excellent protection, but how far back do they go? Ransomware can quietly encrypt files for months before you find out about it. Make sure your daily cloud backups cover at least the last three to six months.
Time vs. Money
"Can we get everything back? How long before we're back to normal? What's the cost?"
These are three burning questions if you are hit by a ransomware attack.
In deciding whether or not to pay the ransom, you need to know:
- Will your backups restore everything you need?
- How long will it take to restore from backups?
- What will it cost you in lost productive time, out-of-pocket charges, and the value of any unrecoverable files and work?
Time translates to money. If it will take a week to recover, what will that cost you both in terms of time and emotional stress? A week is not unusual without really good, onsite disaster recovery technology.
Ransom Demand May Be One of Many
Don't be fooled into thinking that the first ransom demand equals your cost of getting back to normal. If you decide to pay the first ransom, you may have to pay again and again to get everything back.
Ransomware has evolved to use multiple encryption keys to lock up your files. You could pay the first ransom payment believing that you'll get all your files back. Unfortunately, your first payment may bring back only some of your files.
After you pay for the unlocking key (known as a decryptor) that works on some of your files, the criminals now demand another, larger payment to unlock more files. The second key may not unlock all the rest of your files. The criminals know you've paid and paid again, so they increase their demand for the third key even more!
More Problems with Making Ransom Payments
Even if you go down the road of paying one ransom payment after another, you may not be out of the woods. The software provided by criminals for unlocking your files can be buggy.
Fortunately, some clever companies specialize in assisting you to recover from a ransomware attack. One of them, www.Unit221B.com, has developed tools to accelerate ransomware recovery after you have paid a ransom. Their tools also address some issues with files that won't properly unlock. For more information, see: https://labs.unit221b.com/2020/04/15/when-ransomware-decryptors-dont-work/
Prevention or Cure or Both?
The best approach to ransomware is to prevent attacks. We recommend state-of-the-art, cloud-based antivirus services. Innovative data theft prevention technology adds another critical layer of protection. Finally, multiple backup technologies and a Disaster Recovery Plan provide cures for ransomware attacks and other disasters.