Earlier this year, I spoke with a friend who security team had to help a small two person law firm that thought they were too small to be hacked. Not only did the hackers get into their networks, they destroyed all their backups and deployed ransomware. The ransomware, however, was only $44,000. Now, why do you think the hackers only ask this firm for $44,000 when the demand on other companies is often $250,000 or more? It's because this just happened to be the amount the firm had in their bank account.
When hackers get into your computer systems, most of the time they aren't going to immediately deploy ransomware or some other obvious malware. The smart ones are going to patiently wait as they slowly work their way into getting access to all of your company data. If they get access to your QuickBooks file or your bank account, they will then use that information to help figure out exactly how much you can pay. If the ransom ask has been $250,000, the firm would probably have just decided to go out of business. But with it being the amount they actually had in the bank, the decision to pay the ransom was much harder. However, they did eventually decide to pay and hope to recover from the attack. What can you do to prevent this from happening to you? Well, you can make sure that you have an advanced security solution in place to help you discover if or when an attacker has gotten into your environment and hopefully stop them dead in their tracks before they've been able to compromise and steal your company's critical data.
