Good for Fujifilm, for not paying a ransom to the cyber gang that attacked one of its networks recently. Instead, the multinational conglomerate used its automated backups to restore operations – and saved a lot of money.
The ransomware attack targeted Fujifilm’s network in Japan. The company then responded by shutting down the network and related server systems to investigate the extent of the attack.
It was then able to bring the affected computer systems back up and running as investigations showed them to be safe. Within a week all systems were restored.
The fact that Fujifilm recovered pretty much unscathed from the cyber incident is no doubt due to thorough preparations for a cyber attack. The resilience of its backup and cyber security system, and its probable frequent testing of incident response plans, has certainly paid off.
To pay, or not to pay, a ransom
Not paying a ransom is a difficult decision to make as attackers often threaten to sell or leak sensitive information, but if you can be certain that your data and systems are secure, the decision becomes easier.
In another recent, high-profile ransomware attack on Colonial Pipeline in the United States, the company paid an almost 5-million dollar ransom the day after the attack. The White House then issued a statement to business owners, urging them to take the threat of ransomware seriously and to backup their systems and data, update and patch systems promptly, and test incident response plans.
Following the Colonial Pipeline attack, IronTree published a blog Ransomware: why you should not pay up to highlight a conclusion from Forbes that “it doesn’t pay to pay” a ransom. We suggested what to do instead of paying up:
- Find out the name of the attack as there may already be a solution.
- Report the attack to a cyber security expert, who may be able to decrypt the threat and regain access to your data.
- Research latest ransomware removal tools, decryptors and solutions for backup and ransomware protection.
Cyber experts have repeatedly warned that paying a ransom isn’t worth it because it doesn’t guarantee your systems will be restored or that your data won’t still be leaked or sold. A paid ransom only encourages cyber gangs to continue using ransomware to make ransom demands.
What makes more sense is to do all you can to prepare for a ransomware attack by backing up your data with an automated solution and protecting your systems with a dedicated cyber security service.
If, however, you have a comprehensive backup and cyber security solution in place, all you have to do is practice general cyber awareness and test your incident response strategy as regularly as you can.
We can help you with a cyber strategy for your business.
Do you have proper data protection in place?
New all-in-one cyber security and backup product gives more peace of mind