If you haven’t been paying attention, a lot of organizations have been hit by ransomware lately, almost all of which are triggered by a phishing email. Hackers use all types of exploits to extract money from their victims too. Their favorite, by far, is to encrypt the victim’s hard drive with a promise to decrypt it if the ransom is paid, usually in something untraceable like Bitcoin.
Local governments seem to be particularly vulnerable to this type of attack. Riviera Beach, FL was hit with a $600,000 ransom recently and Jackson County, GA was asked to pay $400,000. As Scott Simon of NPR put it, “American cities are being taken hostage – not by bandits in ski masks, but cybercriminals who use so-called ransomware to shut down critical systems until the cities pay up.”
These are not isolated incidents. According to an article on JD Supra, “Recent studies show that over 170 ransomware attacks have hit U.S. cities and local governments in the past six years. In 2018 alone, over 50 ransomware attacks have targeted local governments, and at least 21 similar incidents have already occurred this year.”
The scary thing is, it’s going to get worse.
If you do get hit by ransomware, you have two choices: pay it or don’t pay it. The city of Baltimore, MD was hit with a ransomware attack in which the attackers requested $76,000 worth of Bitcoin. But Baltimore refused to pay. To date, the city has paid an estimated $18 million to try and recover their systems.
Perhaps you think paying the ransom is the way to go. Maybe. That’s the choice Riviera Beach made. But there’s two gigantic problems with paying the ransom. First, there’s no guarantee paying the ransom will actually get you your data back. Afterall, getting your data back requires less-than-honorable folks to do something honorable and keep their word. You may be just throwing your money away.
There’s an even bigger problem to paying the ransom though. Hackers now know you’ll pay up, which means you more likely to get hit again. And sooner rather than later.
What to do? It will take time just to get your old systems up and running and now you have to worry about new attacks. What you need is a quick, inexpensive way to protect your entire organization from the “second wave” of phishing attacks. Something that will keep your employees safe without waiting for the old systems to come back up. Something that doesn’t require you to purchase any hardware or software. And something that only requires about 10 minutes of your IT staff’s time, because they’re really busy. Does such a thing exist? Yes!
What you need is cloud-based, email security service with real-time link click protection. What you need is Phish Protection. Nothing to buy. Nothing to configure. Up and running in 10 minutes. Works with most email services include Office 365 security and G Suite.
What’s included with Phish Protection? How about:
- Smart quarantine
- Real-time click protection
- Display name spoofing protection
- Domain name spoofing protection
- Malicious attachment blocking
- Works on all devices
- And much more
Protect your employees for less than 30₵/day. Seems cheap compared to paying a ransom. What are you waiting for? Try it here free for 30 days. No credit card required.