In March, President Joe Biden signed broad cybersecurity legislation that requires some industries to report breaches to the US Department of Homeland Security within 72 hours of discovery of the incident, and 24 hours if they pay ransomware. . Many states also require businesses to report violations.
Nevertheless, it appears that ransomware actors are increasing their targets and continue to release vast amounts of personal data if their demands are not met.
According to Cybersecurity Ventures, in the United States alone, the FBI documented 2,474 ransomware incidents in 2020, and its attacks caused economic damage to exceed $20 billion in 2021; Four times more than in 2017.
A recent Cyberian survey of nearly 1,300 companies worldwide reveals the effects of ransomware. 66% suffered major economic losses, 53% suffered damage to their image, and 42% could not cover all losses with their insurance after the attack.
What can be done in the event of a ransomware attack?
According to cyber security firm Avast, the first hours of response to a ransomware attack are critical to minimizing damage.
Having an incident action plan is the key to acting quickly, and business leaders need to develop the plan and select the right employees to execute it. They may be the same people, but it’s not always the case that people who are good at making intense plans are also best at “fighting fires” when an event occurs.
In general, the more contributors know the basics of ransomware: what it is, how the attacks happen, and what the risks are, the better.
But businesses also need a team of experts who are “in charge” of the response. In the first hours and days following an attack, professionals who are experts in troubleshooting and identifying their causes will be needed.
“Over the past decades, often companies have failed to take a holistic view of IT infrastructure and when they appeared they were simply ‘plugged holes’. Used together, it can help businesses locate and fix vulnerable spots before hackers take advantage of them.”