Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

Business Ransomware Attack Leads to Hundreds of Employees Laid Off

Date: 01/09/2020

A business ransomware attack continues to be one of the most damaging, costly forms of cyberattacks against both businesses and consumers alike. Simply put, it is easy to pull off and it often works, all with little risk of discovery to the perpetrator.

Most ransomware attacks involve a little bit of malicious software—either designed by the criminal or purchased from another source—and some social engineering. Typically, phishing attacks work as an avenue for infecting a computer or network with harmful software. By getting even one low-level employee to click a link or open an attachment, criminals can infect the network, lock up the system and demand a ransom payment in exchange for the key to open it.

Unfortunately, the only responses to a business ransomware attack are to pay the ransom or ignore it and buy a new computer. Experts do not recommend paying the attackers because there is no guarantee they will release your network or your files. Unfortunately, getting your system back online can prove to be difficult.

One telemarketing firm, The Heritage Company, suffered a crippling business ransomware attack before Christmas. Employees were not made aware of the attack and only learned of it when all 300-plus were laid off. The company was unable to recover from the attack, despite paying the attackers to regain access via the unencryption key. In a letter to employees and a subsequent outgoing voice mail message, the company urged employees to look for other jobs.

This kind of incident is not rare, and small businesses are just as likely to be victimized as larger ones. Certain industries, like healthcare and education, are also more likely to be targeted due to the higher risks associated with being breached.

When it comes to ransomware, the best offense is a good defense. Prevention is the most important step, and it comes down to things like employee training on avoiding phishing attacks, ensuring the network has strong, up-to-date anti-malware protection and backing up all data on external storage devices every day. That way, should the other steps fail, the worst outcome is having to purchase new hardware and load the backed-up data into it.

You may also like…

Concerns Arise Around Possible LinkedIn Password Exposure

Super Bowl Means Super Scams

New York Special Olympics Email List Suffers Hack 

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.