Depending on the scope of the attack, the cost of getting hacked can be in the hundreds of thousands or more. Here’s what you need to know.
When it comes to cyberattacks, all too often the bad guys win. Hackers have targeted local governments, airports, banks, and businesses, stealing usernames, passwords, and sensitive private data. While they may sell this information on the black market, they often hold it for ransom. With no other way to retrieve the stolen data, victims are forced to buy back their belongings while the thief vanishes into anonymity. Here is a look into the true price of getting hacked and what you can do to protect yourself.
Lake City, Florida mayor Stephen Witt announced that the city would pay hackers $460,000 to recover stolen data. The thieves seized control of major email servers, bringing the city’s operations to a grinding halt. Witt claimed that cyber insurance would cover all but $10,000 of the ransom, though it’s uncertain whether the city met the policy’s criteria for protection.
Ransomware attacks are on the rise, and victims are paying exorbitant sums to regain their data. Three attacks occurred in April 2019 alone, hitting Tallahassee, Augusta, and the Cleveland Hopkins International Airport. The ransomware forced operations to close, with the Tallahassee attack costing the city nearly a half-million. Hackers frequently target municipalities and government organizations knowing the high value of the stolen data and its importance in operations. In many cases, the data isn’t exactly stolen, but encrypted to prevent access. After the ransom is paid, the hackers unlock the data, or so they promise.
Research conducted by SentinelOne found that only 26% of U.S. companies that fell victim to ransomware and paid the ransom were able to access their files. And even if the hackers honor their end of the deal, they may attack again. In fact, organizations that ponied up the cash were hit again 73% of the time. What’s worse is that some cybersecurity providers are in cahoots with hackers, splitting the ransom between them.
Managed service providers (MSPs) are often the strongest line of defense against hackers. Unfortunately, hackers know this and have started to attack the software and systems that MSPs use to protect customer data. By infecting these systems with malware, hackers can access account credentials and use them to log in to customer accounts. They can then obtain bank accounts, addresses, phone numbers, credit card numbers, and other private data.
As hackers become more adept, MSPs need to step up their game. Frequent testing of defense systems, backup and recovery plans, and other cybersecurity measures is a must. The National Institute of Standards and Technology (NIST) has published a framework to mitigate cybersecurity risk to assist MSPs in keeping hackers at bay.
As is the case in medicine, prevention is the best cure for cyberattacks. Cities, corporations, and businesses must work together with MSPs to reduce their likelihood of being targeted and have multiple plans in place if a breach occurs. By staying proactive, the good guys can make it difficult for hackers to get what they want.