What do you think the biggest trend in online business is today? Online retail? Comparison shopping? The truth is, it’s much more nefarious. The biggest trend, and the biggest threat to modern businesses of all types, is a cyberattack.
Modern cyberattacks can come from any direction and at any scale. You might be assaulted by anyone from an individual with a few scripts on hand, to an automated virus created by a hacker gang, to a nation-state level actor looking to compromise anything they can.
At the same time, threat vectors abound. Companies have been burned by anything from a targeted phishing email to an infected thumb drive left in a parking lot to a dedicated, personal attack. Technology education is improving to help prevent these kinds of attacks, but there’s only so much you can do to train the entire global populace.
All of these vectors and all of these attackers share one thing in common: their motive. They want to make money, and they do so by infecting your company infrastructure with ransomware to hold your data for ransom. This might mean paying to decrypt your infrastructure or paying to prevent your customer data from being sold on the black market.
It might be surprising to some, but most modern cyber attackers, hackers, and malware groups are often true to their word. You might think that there’s no sense in paying a ransom because the gang could take the money and still sell your information or fail to decrypt your data.
The truth is; however, these gangs want to make money. If they betray the trust of their victims, no further victims will pay; they burn their reputation. Whether they do it via threats or by being nice, the situation is still the same. They want you to pay, possibly more than you can afford.
Negotiation is a surprisingly viable tactic. People like Kurtis Minder of the security firm GroupSense even make their living negotiating with these criminals while helping to promote and establish better security practices for potential and actual victims.
It’s a classic “rock and a hard place” situation. On the one hand, failing to pay a ransom means starting a business over from scratch. On the other hand, paying can cost an extortionate amount of money and bankrupt a company as well. Negotiation has the potential to reduce the ransom and, at the very least, turn an untenable situation into a recoverable one.
Unfortunately, all too many companies (and even individuals) have many misconceptions about cybersecurity. They might think that their business is too small to be worth attacking. They might believe the commercials produced by security companies that a simple firewall or set of antivirus programs will protect them.
What many fail to realize is that there’s a constant arms race and ongoing war between security firms and attackers. Attackers always have the advantage, as well. There’s no way to completely protect a company from cyberattacks short of getting rid of computers entirely, which simply isn’t possible. Security through obscurity, the idea of being beneath the notice of hackers, doesn’t matter when the attacks are impersonal and automatic.
While the internet is fraught with danger, that doesn’t mean falling victim is inevitable. The best way to negotiate with an attacker is to protect yourself from being attacked in the first place. While security can never be perfect, your business can take steps to minimize the damage an attack can cause and turn a business-destroying attack into a mild speed bump in a workweek.
The two biggest things to do are implementing disconnected, off-site backups and ensuring top-tier protection for customer, client, and employee information. Everything else is infrastructure, and while it can be annoying to recover from, it’s not impossible.
Cyberattacks are common, but that means that cybersecurity experts are on the rise as well. Not only is the interest in the field growing, but skilled specialists are also entering the job market every day. Your company deserves the best IT you can hire, and ITAC knows how to find them. Contact us, and we can help you protect yourself from the worst cyberattacks the world has to offer.