Jun 06, 2024
During the pandemic, data breaches disproportionately affected smaller companies; they were targeted at twice the rate of larger businesses. Since the pandemic, those same smaller companies have been struggling with COVID-19 fallout ranging from supply and labor shortages to bouts of inflation. All those preoccupations have left them more vulnerable to ransomware attacks.
Enemy at the gates
Typically, ransomware is triggered when an employee downloads an attachment or responds to a phishing or scam email. Ransomware can also penetrate a network through server vulnerabilities or an infected website. A third way that ransomware works is by sneaking in through security holes in older, unpatched versions of operating systems.
Once the ransomware has infiltrated, it will lock users out of their computers. Their devices will display a message demanding a ransom to unlock the hardware and restore access. The ransom is often payable only in bitcoin or other cryptocurrency. Those transactions are quick and easy, and because they are anonymous, difficult to trace. Although bitcoin is the most popular ransom currency, ethereum, zcash, monero or another may be stipulated. In the past, gift cards for Amazon or iTunes were popular for smaller scale extortion.
The ultimate damage may greatly exceed the cost of the ransom itself. Being locked out of computers or servers has a ripple effect, resulting in business downtime and the concurrent lost revenue, lost customers or lost new business, as well as negative publicity.
Prevention beats cure
It is essential to take precautions to ward off any impending threats:
Even if you religiously follow security best practices, ransomware may still break through. The first step in your response plan is to not panic. Take a photo of the infected screen before you unplug everything; pay particular attention to any deadlines mentioned. Next, try to isolate the infection by disconnecting any vulnerable hardware from the network.
Contact your help brigade, including your data privacy lawyer (or other attorney) and your cyber insurance company. It is a good idea to report the incident to your local FBI office too.
Next, implement your internal procedures:
Paying up
Across the industry, many experts counsel victims against paying a ransom. The risks are like those of kidnapping: How do you know the gang will practice thieves' honor? What is the guarantee they will unlock your systems? Will they keep demanding further payments?
However, businesses are increasingly willing to pay to salvage their operations, so if you do succumb, you are not alone. Since 2020, the number of organizations that have paid ransom has risen by 5.4%, amid a 9% increase in attacks over the past two years.
Before transferring funds, at least consider requiring a so-called proof of life — evidence that the wrongdoers can decrypt and restore at least one file.
Talk to your security team and professional technical advisers about any other safeguards you can set up in advance.
©2024
Jul 03, 2025
When you provide workers with additional benefits on top of their regular pay, some may be taxable. As the rules can get complicated, it pays to familiarize yourself with the requirements. Read through for an overview of which benefits are taxable.
Jul 02, 2025
Disputes over unpaid work time often arise from tasks performed outside official hours — for example, answering emails, traveling between jobsites or changing into work clothes. Employers must understand when these activities count as compensable work. Read through to learn how exempt and nonexempt statuses affect wage obligations.
Jul 01, 2025
Workers' comp insurance is essential for most businesses, but as an employer, you may have more options than you realize. Read through for an introduction to the pay-as-you-go model and the advantages of outsourcing it.
Jun 30, 2025
Employers must ensure that break policies comply with wage laws, especially when employees work through lunch, answer emails after hours or remain on call. Similarly, misclassifying paid and unpaid breaks can lead to wage violations and legal risks. Read through for key guidelines on tracking break time and maintaining compliance.
Jun 04, 2025
Have you heard of key person insurance? This is a type of life insurance policy that may positively benefit your business’s continuity, though it has both tax and financial implications. Read through to see whether key person insurance is right for your company.
Jun 03, 2025
Do you have questions about the tax treatment of payments for part-time and seasonal help? These employees are subject to the same rules that apply to all employees — with some twists. Read through for some help on tax rules regarding part-time and seasonal help.
More News & Press can be found in our Archive.
