Cybersecurity, Ransom Payments, New Business Risks
In March of 2018, the city of Atlanta, Georgia experienced a sustained cyberattack on the city’s various computer networks. During the course of nearly a week, the cybercriminals in question demanded a ransom of $51,000 in bitcoins, as some city officials were forced to provide services to local residents using pen and paper. While city officials ultimately chose not to pay the ransom, under the guise that offering such a monetary reward would encourage further criminal activity against the city, a confidential report that was later exposed by the Atlanta- Journal-Constitution revealed that estimated costs that were associated with the cyberattack were in the neighborhood of $17 million dollars, a number that is exponentially higher than the $51,000 in bitcoins that the cybercriminals had initially requested as a ransom payment.
The rise of ransomware attacks
While many American citizens might view the events that city of Atlanta officials dealt with in March of 2018 as a unique occurrence, there has very much been a rise in cybercriminals that look to obtain some form of ransom payment after stealing personal information from businesses, government organizations, and individuals alike. To this point, city and government officials within Atlanta faced a dilemma when the city’s computer networks were hacked. On the one hand, paying a ransom under any circumstances throughout human history can always be seen as essentially promoting criminal elements, as a business that chooses to pay a criminal a ransom may inadvertently be opening itself to future attacks. On the other hand, the monetary costs that can arise when a city such as Atlanta has to effectively shut down its multitude of online and electronic systems for an entire week can far exceed the cost of paying a ransom in practice.
The reasons why companies pay ransoms
Despite the urging of many cybersecurity specialists worldwide, many companies that experience a cyberattack on the level that the city of Atlanta, Georgia faced in March of 2018 will choose to pay their cyberattacker’s demanded ransom as opposed to dragging the situation out over a longer period of time, with the hope that such a transaction will be a one-time occurrence. The reasons that influence such thinking are very much numerous. The most obvious reason that can be deduced is the reliance that our modern society has on online accessibility and communication. As a ransomware attack can seriously disrupt the manner in which a business or organization functions, the resulting monetary losses that such entities face can mount relatively quickly.
To this end, part of the estimated $17 million dollars that the city of Atlanta, Georgia reportedly lost during the cyberattack that took place was in traffic tickets and utility payments, as the vast majority of U.S. cities allow citizens to pay for these services online. On top of that, the reputational harm that a business can be faced with as a ransomware attack drags on for weeks is also a major concern, as public sentiment concerning the fashion in which a business or organization handles a ransomware or cyber attack can be hard to gauge. Due to these factors, along with a host of others, some businesses within the U.S. have looked to so-called cyber insurance to address potential ransomware attacks, as such businesses will pay monthly premiums to have a third party pay a cybercriminal should a data breach occur.
Preparing for ransomware attacks
Another major issue that made the city of Atlanta, Georgia susceptible to a ransomware attack in 2018 was the fact the city officials were not adequately prepared for an attack of such magnitude and nature in the first place. For context, an independent auditor warned Atlanta city officials 8 years prior in 2010 that the city did not have sufficient “funding for business continuity and disaster recovery plans.” 4 years later in 2014, the city of Atlanta had still not adopted a plan that officials could implement and follow in the event that a ransomware attack occurred. Subsequently, part of the $17 million dollars that the city is estimated to have lost as a result of the attack included “$1.1 million for new desktops, laptops, smartphones, and tablets.”
While the issue of cyber criminality is a complex and nuanced subject, one major resource that businesses and organizations can implement to protect themselves against ransomware and cyber attacks is automatic redaction software. As the collection and processing of personal information are vital to the functioning of virtually any business operation, many businesses will retain large amounts of personal data on a daily basis. While these practices allow businesses to provide their customers with much-needed support, it also leaves said businesses open to ransomware attacks, as simply pilfering the login credentials of a single employee can lead to millions of dollars in lost revenue and damages.
This being said, redaction software programs allow businesses to obfuscate personal data that is contained within a wide range of mediums, including PDFs, video and audio files, email messages, and images, among many others. What’s more, as these programs enable users to redact data in a matter of minutes, businesses can easily keep up with the personal data they collect from their customers on a weekly basis. Moreover, the cost of purchasing an automatic redaction software program will pale in comparison to paying a cybercriminal a ransom payment, in addition to the monetary losses that a business will inevitably incur when having to shut down critical online and mobile systems.
As many criminals within society turn their sights on stealing the information of businesses and individuals online, particularly in the midst of the current COVID-19 pandemic, instances of hackers holding personal information for ransom will only continue to increase. Likewise, any major business, organization, or entity will have to consider what the ramifications of failing to protect the personal information of its respective customers will look like, as all cyberattacks will lead to some form of personal data being accessed and disclosed illegally, irrespective of any ransom or insurance payments that are made.