October '21

Issue link:

Contents of this Issue


Page 15 of 103

12 THE SHOP OCTOBER 2021 Surprisingly, small-scale ransomware attackers may demand payment be wired through Western Union or paid through a specialized text message. Others demand payment in the form of gift cards from places such as Amazon or iTunes. But, far and away, ransomware payments most often involve cryptocurrencies. Bitcoin is the most popular currency demanded by ransomware attackers, but others are also used including Ethereum, Zcash and Monero. Although traditional financial institu- tions reportedly have their hands tied when it comes to ransomware payments under the money-laundering and know-your- customer regulations, the first step should be to contact your bank to determine if it transfers funds to a cryptocurrency exchange and if there are any limits. The attacked business can set up an account with one of the many cryptocur- rency exchanges. U.S. dollars are exchanged for digital currency, with the purchased cryptocurrency held in an insured custo- dial account and then transferred to the attackers. RANSOMWARE COSTS Extortion-related expenses—including the cost of hiring a security expert for advice on responding to these threats and ensuring that they don't happen again—obviously deserve attention. Since payment of a ransom does not guarantee the company's computers or data will be unchanged after their release, there can be costs involved with restoring, replacing or reconstructing programs, soft- ware and data. AVOIDING THE INEVITABLE While it is frightening to think that nothing can be done when faced with a cyberat- tack, being prepared for the potential lost revenue/income during downtime due to an attack is as important as preemptively assessing what cybersecurity measures are already in place. The best way to avoid being exposed to ransomware—or any type of malware—is to be cautious when using computers. And that means by everyone. Ransomware attackers, and indeed all mal- ware distributors, have grown increasingly savvy, requiring extreme caution on the user's part whenever clicking or downloading. Other measures for reducing the risk of potential ransomware attacks include: • Keeping operating systems, software and applications up to date • Ensuring anti-virus and anti-malware programs update regularly and scans run on a regular basis • Backing-up data regularly, then double- checking that those backups were com- pleted • Securing those back-ups and then keeping them separated from the networks and computers that were backed up • Creating a plan in case your automotive aftermarket business is the victim of a ransomware attack THE END GAME The rise in ransomware attacks over the last few years has created an extremely profit- able criminal enterprise, as many targeted businesses, organizations and even govern- ments have decided paying the ransom is the most cost-effective way to retrieve their data and get back to business. It is virtually impossible to completely eliminate the risk of a ransomware attack. Preparedness only goes so far in protecting against these increasingly sophisticated attacks. Tax deductions can offset a portion of ransomware attack costs and payments, at least for the time being, and insurance options are available to help ease the pain— if put in place beforehand. The bottom-line question is whether funding these cybercriminal organiza- tions—in essence helping them prolif- erate and grow increasingly more sophis- ticated—by bowing to their demands is the most cost-effective strategy? MARK E. BATTERSBY writes on finan- cial and tax-related topics. Learn more at Ransomware Understanding Ransomware attackers, and indeed all malware distributors, have grown increasingly savvy, requiring extreme caution on the user's part whenever clicking or downloading.

Articles in this issue

Links on this page

view archives of THE SHOP - October '21