Big stories in the news these last two weeks are about ransomware attacks. A school district in New York State and 22 small towns in Texas were the victims of a coordinated ransomware attacks. The New York school district paid the $88,000 ransom. The bad guys targeted smaller municipalities probably because these towns were less technology aware than big cities and were thus more vulnerable to outside attackers.
But to be clear on my opinion, that notion is giving the bad guys too much credit for spending time thinking about their raids. I don’t believe they research and plan. They create their malware and then blast it out to any and all networks they can find. They know that someone, somewhere, will open an attachment no matter how odd it may be. If you own a business of any kind—you are a target.
It’s true that smaller towns may not have the budget for defense training for employees. It’s also true that large cities may have huge budgets for cybersecurity, but they don’t have a regular cyber defense update training for employees, or they don’t have a training program for new hires.
Attachment gets sent. Makes it through their security filters. Employee or executive opens attachment. Data gets captured. Ransom notice is sent. Pay up or lose everything.

Now what? The first question after a ransom notice is “When was the last backup?”

In that moment, you should know in your gut that every penny you’ve spent partnering with a professional IT management company was worth it. Those guys are on speed dial, and within minutes you know all that’s being deployed to get you back up and running. You’ll just be annoyed at the momentary inconvenience rather than worried about losing clients because of the breach. You budget to have appropriate insurance for your business. You contract to have the right legal representation. And you made the jump to having a top-notch IT company secure your data. Now those guys can reconstruct your business from the most recent backup—and that’s a given. If you pay the ransom to the bad guys, there is no guarantee you will ever a) get your data back, b) get it all back, c) get it back uncompromised, or d) learn from your clients that their personal information has been sold on the Dark Web.

IT is more than just attaching an external hard drive to your network. Heck, it’s all complicated, and things change every week. Who on your staff can you assign to be the expert on all this, in addition to their regular work? Your cybersecurity now ranks right up there with growth and development. Your sustainability depends on your ability to protect your data. Find a professional IT management company like Aptica LLC, one you can rest easy with, so you know there is someone who will always have your back(up).