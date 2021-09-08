COVID-19 isn’t the only virus to explode these last couple of years.
“Ransomware is on a rampage.” So noted Forbes magazine recently, which reported that 84% of U.S. organizations and companies have reported phishing or ransomware security incidents in the last year, that the average ransomware payment climbed 82%, from $312,000 last year to $570,000 in the first half of 2021, and that ransomware costs could exceed a quarter of a trillion dollars — that’s trillion, with a “T,” as in (economic) terrorism — by 2031.
They also note a report forecasting a ransomware attack about every two seconds.
It is that unfortunate but inescapable reality that prompted the Joplin City Council, which was hit by a ransonware attack this summer, to approve a contract with a Kansas City cybersecurity firm, Ravenii, valued at $197,046 over two years.
The attack in July encrypted the city’s data and records, blocked access, even disabled the phone system. We still don’t know what happened to employee and residents’ private information.
An insurer paid a ransom of $320,000 for the city to prevent the release of any personal information. Having to have this kind of insurance is another unfortunate but inscapable fact of our times.
In the end, paying hackers seems like the least safe option, like feeding a monster, but another inescapable reality.
Ravenii warns that no firm is too small to be targeted, and to assume it will be easier and cheaper to just pay the ransom than to prevent it is usually a mistake.
“The first big problem with paying the ransom is that organizations that pay are often targeted again in future attacks. That’s not a precedent you want to set, and many times you still won’t even get your data back,” Ravenii warns on its website.
It would be great to just say, “We’re not paying,” and we imagine that each ransom paid ratchets up the likelihood of it happening again, if not to the same business or community, then to their neighbors. But victims are left with few alternatives right now other than paying.
In the end, preventing ransomware attacks has to a be a federal priority for this administration, and one where President Joe Biden is uncompromisingly aggressive, including punishing sanctions against countries that host and protect these criminals, such as Russia and China.
Until them, it seems like the best bet is to take preventive steps, including hiring cybersecurity firms to put up firewalls and help us protect data.
