A ransomware story, explaining the issues the attack leaves on small businesses.

The Tale of Two Attacks – A Ransomware Story

This is a {ransomware} story, all about how my life got twisted upside down…

The Background

I own a small business, less than 50 employees and I’m located in a mountain community in Colorado. Our town is pretty close knit, but also has a rather high tourism volume. Locals have the ability to charge products to their personal charge accounts, for which I bill monthly. Overall, business is going well. The winter tourism revenues were great, and a music festival will be coming to the region next week, which will certainly drive foot traffic to the store.

The Mishap

I got an email from Shelly, our supplies distributor, this morning about an invoice that wasn’t paid. After downloading it, everything went to…crap. My entire computing system locked up. I have access to nothing, and I mean nothing. Something says I need to pay someone to decrypt it. Whatever that means.

I called in my technical brother-in-law to see what the issue was. He said I had ransomware, and told me not to pay the ransom demand. Basically, these are cyber criminals and paying is risky. Then, he asked where my backups where. Backups — yea, those haven’t been updated since the fall. We were just too busy this winter for that to even cross my mind. I guess it should have…

The Aftermath

I had to evaluate the risk versus reward when it came to paying the ransom demand. As my brother-in-law informed me, it wasn’t a good idea. But realistically, I was looking at taking a huge hit if I lost everything for the last six months. From my accounting files, to charge account balances, to inventory…plus all of the productivity that I would lose trying to get everything back up.

I paid. Just over six grand was the price tag to get my own files back from hackers who thought they should help themselves. It look 10 days to get everything “decrypted” and we had to remain closed to the public during the music festival to get our house back in order. We lost days in productivity, thousands in potential revenue, and our reputation took a big hit too.

Fast Forward

It has been over a year since our last ransomware attack. I asked my employees to complete cybersecurity training so they could spot potential cyber attacks that are knocking at our doors. I wish my ransomware story stopped there. They came back.

Did you know CBS News just reported 80% of ransomware victims will be hit again. I fall into that statistic. Fortunately, I did better about keeping my backups updated; however, have you ever tried to restore your network using backups? It takes forever. Financially, I can’t take the hit any more from the lost productivity and revenues. If they get me again, I will be forced to close the doors for good.

The Lesson of the Ransomware Story

Although this is a fictional story, it likely sounds far too familiar to a ransomware victim. The idea of 80% of ransomware victims being subject to this crime again is also disheartening. If they pay, the target gets bigger. Instead of relying on reactive approaches, add an application whitelisting solution to your existing cybersecurity stack.

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles