Don’t Get Caught With A Deer-In-The-Headlights Response to Ransomware Attacks

We’ve examined how important it is for any nonprofit performing arts organization to maintain a data breach policy in the event the group becomes the victim of a cyberattack. The next step in that process is preparing contingency plans for a ransomware attack.

Data breach policies are must-haves to protect organizations and their patrons when cybercriminals access a network to steal data. Ransomware attacks also focus on accessing a network, but instead of stealing your data, they lock you out of it.

The 7/6/2021 edition of The Washington Post has a good article, written by Gerrit De Vynck, Aaron Gregg, and Rachel Lerman, that explains how ransomware criminals are evolving past straightforward phishing attempts to gain access and are now dedicating far more resources to exploiting software vulnerabilities. In plain English, that’s the difference between a grifter running a three-card monte game and Bernie Madoff launching a multi-billion-dollar Ponzi scam.

As the Post article makes clear, the target of the latest ransomware attack wasn’t just a company with lax security. They were actively and earnestly monitoring their code to identify weak points and adjust.

If your organization finds itself the target of a ransomware attack, don’t be afraid of any PR. Follow the Federal Bureau of Investigation’s (FBI) recommendations on how to respond and report.

The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.

If you are a victim of ransomware:

You can find even more information in this document prepared by a joint team of U.S. Government law enforcement agencies. In addition to insight into technical matters, they have an excellent section with business continuity considerations.

Beyond the advice in those resources, you can expand on the common-sense strategies you (hopefully) have in place with general cyberattack considerations:

  • Make sure your cybersecurity response plan includes specific instructions for ransomware attacks. This includes making all executive leaders (board and administration) aware of the threat and making sure they understand their role in the wake of an incident.
  • While Federal agencies advise otherwise, paying the ransom is something businesses do under extreme circumstances. If it’s something your organization wants to consider, you’ll need to make sure you understand cryptocurrency, have a cyber forensic provider identified to offer advice, and do the math on paying the ransom vs. the cost of restoration.
  • Review your insurance policies; one oddity here is to make sure your provider allows other third-party providers to help when responding to an incident.

About Drew McManus

"I hear that every time you show up to work with an orchestra, people get fired." Those were the first words out of an executive's mouth after her board chair introduced us. That executive is now a dear colleague and friend but the day that consulting contract began with her orchestra, she was convinced I was a hatchet-man brought in by the board to clean house.

I understand where the trepidation comes from as a great deal of my consulting and technology provider work for arts organizations involves due diligence, separating fact from fiction, interpreting spin, as well as performance review and oversight. So yes, sometimes that work results in one or two individuals "aggressively embracing career change" but far more often than not, it reinforces and clarifies exactly what works and why.

In short, it doesn't matter if you know where all the bodies are buried if you can't keep your own clients out of the ground, and I'm fortunate enough to say that for more than 15 years, I've done exactly that for groups of all budget sizes from Qatar to Kathmandu.

For fun, I write a daily blog about the orchestra business, provide a platform for arts insiders to speak their mind, keep track of what people in this business get paid, help write a satirical cartoon about orchestra life, hack the arts, and love a good coffee drink.
