The BBC have published a fascinating bird's-eye view of a ransomware attack at the University of California San Francisco this week. Acting on a tip-off, the BBC were able to follow the online ransom negotiations as they happened, culminating in the payment of $1.14m. We can only speculate, but the willingness of the university to deal with criminals suggests that the data that was being ransomed:
- Had not been properly backed up; and/or
- Had not been anonymised/encrypted.
Of course, followers of our blog will not be surprised to hear of another organisation paying a ransom: we blogged about this trend back in June. The Hiscox Cyber Readiness Report last year found that one in six firms that were targeted paid a ransom of some sort, and this could very well be an underestimate: another survey by Malwarebytes put the figure at nearly 40%. It has been widely reported that Travelex ended up paying a ransom of $2.3m following the high-profile attack on their systems at the start of the year. On the practical side, a survey by Coveware found that 96% of ransom payments were rewarded with a successful decryption tool, but there are still profound ethical and reputational issues around paying out to criminals in this way.
Rather than have to make the invidious choice about whether or not to pay a ransom, surely it is better to invest ahead of time in your information security. Follow the link to find out how we can help you to put a robust information security management system in place for your organisation.