A business will fall victim to a ransomware attack every 11 seconds this year, according to research firm Cybersecurity Ventures. Some of them, like Colonial Pipeline, have admitted they don’t have a plan for when that happens.
Several businesses have never even dealt in bitcoin, which is the currency of choice for virtually all ransom payments.
“A lot of these companies, especially if they haven’t prepared for an extortion attempt, have no clue what they need to do,” said Rick Holland, chief information security officer at Digital Shadows, a cyberthreat intelligence company.
“Insurance companies will sometimes give them guidance on how to pay and recommend firms to work with on it,” Holland said. “The extortionists will give instructions on how to set up bitcoin wallets and where to go to procure bitcoin.”
There are also companies that swoop in at the last minute to handle the logistics. One example is DigitalMint, a full-service, final-mile crypto broker.
“We’re at the end of the process,” said Marc Grens, co-founder and president of DigitalMint.
“We’re the hired specialists, after the forensic consultants, the company, and stakeholders have all made the determination they’ve exhausted all their options and that paying the ransom from an economics perspective is the best way