It has been some years since the WannaCry ransomware virus was rolled out and locked down a serious chunk of the global infrastructure. That event was a turning point in cyber security. Hackers had found a way to either create chaos or extort money from unsuspecting and unprotected users and their networks.
The average ransom back then (10 years ago) was $600. Hackers had taken the "throw as much stuff against the wall and see what sticks" approach. Whether it was done for money or to simply disrupt the West, depended on the gang or government doing the bad deed.
Now, the averages are much higher - and the players are now organized crime and they are making a bundle on this.
- Ransomware cost the world $20 billion in 2021. That number is expected to rise to $265 billion by 2031.8, 11
- In 2021, 37 percent of all businesses and organizations were hit by ransomware.9
- Recovering from a ransomware attack cost businesses $1.85 million on average in 2021.9
- Out of all ransomware victims, 32 percent pay the ransom, but they only get 65 percent of their data back.9
- Only 57 percent of businesses are successful in recovering their data using a backup.9
BUT - law enforcement pressure forced ransomware groups to refine their tactics in 2021. It became riskier and costlier to execute an attack and attackers have shifted from large company targets to smaller ones so they can stay under the law enforcement radar. Because of large law enforcement takedowns in 2021, hackers simply and effectively have shrunk the size of the targets on their back. the size of the payoff has drastically increased too - now $40,000 or $50,000 is a common ransom payment.
The most successful attack vectors continue to be RDP compromise, email phishing and software vulnerability. The top industries attacked included professional services, consumer services, materials, public sector, and health care.
The average duration of an incident in Q4 2021 was 20 days, which we attribute to the ability of the attacked companies to be able to internally recover from backups - which is ALWAYS faster than attempting to decrypt data with a threat actor decryptor (key) - those keys cost a lot of money, heartache, downtime, frustration, anger... Nobody should have to pay a hacker - that is tantamount to funding terrorism.
And that is where we land on a BDR Solution...
The Backup and Disaster Recovery (BDR) solution is king. This is an appliance that sits in your server room and backs up ALL your data incrementally and syncs it to a secure cloud datacenter. This enables us to easily and quickly restore all systems and data after we have done the forensics and cleanup of the network, identifying how the intrusion happened and closing that door once and for all. Our BDR is simply a best-of-breed, rock-solid tech that is tried and tested and a Beringer standard for 15 years now.
While we are fans of the other standard Beringer Technology Group tools and filters; user security awareness training, malware, antivirus, intrusion blocking/tackling, scrubbing of email and filtering of firewall traffic, etc... Our BDR solution is simply the best protection you can buy. This solution ensures you will never pay a ransom and can get your data back - and quickly!!
Whatever drives the need for protection, small business can no longer take the approach of "I'm so small this could never happen to me..." Unfortunately, Small Business is now the primary target.
Proactive cybersecurity is critical for businesses of all sizes. By taking steps to understand the threats your business faces and implementing measures to protect yourself, you can keep your data and your business safe. Reach out to Beringer Technology Group today. We can help evaluate your current cybersecurity posture with our Cyber Security Risk Assessment Solution, and implement the right security measures for your organization, including a backup and disaster recovery solution.
Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.