According to the Harvard Business Review, in 2020 ransomware attacks grew 150% from 2019 and the amount that victims paid increased by more than 300%! As a result of the ransomware onslaught, we are all exposed to what feels like a constant stream of ransomware-related horror stories. And, unfortunately, the reality is that for all companies of any size or industry – including automobile and heavy truck dealers – it is not a question of IF you will fall victim to an attack but rather a question of WHEN.
If your dealership falls victim to a ransomware attack, what will you do? Do you have the cyber defenses in place to effectively detect and stop an attack before it can wreak havoc on your dealership? Or will you be put in a position where you need to decide whether to pay the ransom or not? If you find yourself in the latter position, what will you do?
Our advice is NOT to pay the ransom. There are 2 simple reasons why paying the ransom is a mistake:
- 92% of those who pay the ransom don’t get their data back! That’s right – according to Forbes, 92% who pay don’t get their data back. Remember who is behind a ransomware attack – it is a criminal. These are not trustworthy people. Of those that did get their data back, 29% couldn’t recover more than half of the encrypted data. To make things just a little worse, according to a survey done by Cybereason, 80% of those that paid the ransom were then hit again by a second attack. And half of the second attacks were by the same group of criminals!
- Paying the ransom encourages more attacks. When your children or your pet misbehave, do you give them a reward? You don’t reward bad behavior because it just encourages more bad behavior. Cybercriminals do the dirty business that they do for money. When there isn’t any money rewarding them for this criminal behavior, it’s likely that the criminal will move on to something else that is financially rewarding.
The best approach is to avoid a ransom situation. Instead, build up a modern cyber defense to keep your data, finances, and reputation safe. At a high level, this means:
- Initiate ongoing employee training so staff can identify phishing emails and avoid clicking on them.
- Implement advanced endpoint threat protection.
- Deploy a Security Information and Event Management (SIEM) solution.
- Leverage a 24/7/365 Security Operations Center (SOC).
- Implement multi-factor authentication.
- Back up your data to a cloud backup service.
If you have the above in place and you have a team of trained professionals who know exactly what to do when an attack occurs, then you shouldn’t be faced with the dilemma of whether to pay the ransom or not. If you need help or would like Helion to assess your dealership’s level of risk exposure, then click HERE to request an IT risk assessment.