From zoos, universities and retailers to transportation companies, business service providers and government. No type of organization, large or small, seems safe from hackers anymore. A hack can have major consequences for your organization. The Personal Data Authority is concerned about the continued rise in the number of reported cyberattacks. The AP received a whopping 88% increase in the number of reports of data breaches due to hacking, malware or phishing in 2021 compared to the previous year. Read about the effects of a hack on your data in this article:
Blog
The impact of a hack on your organization
13 July, 2022
Maarten de Bakker
Paying ransom in ransomware
In a hack involving ransomware (hostage software), criminals hold your data hostage. A ransom attack can occur by, for example, sending phishing emails to employees to gain access to the organization’s system. After a successful attack, they threaten to make your data public and block access to your systems until you pay the ransom (ransom). Usually ransom is demanded in the form of crypto currencies, such as Bitcoin.
A dilemma
The big dilemma with ransomware is whether or not to pay a ransom. You want to get back to work as soon as possible, so paying a ransom seems like the most attractive option. But transferring money to criminals and hoping they keep their end of the bargain is risky, and paying a ransom does not guarantee a successful recovery. It also shows that crime pays, helps maintain a system and may even make it more attractive to more criminals.
By the way, paying a ransom is no reason not to inform (potential) victims and the Personal Data Authority. After all, criminals’ promise that by paying the ransom they will delete the data for themselves and not resell it is worth nothing. In fact, US research shows that 80% of companies that chose to pay a ransom suffered a second ransomware attack, often at the hands of the same group of hackers.
Being off the air
Due to ransomware or another hack, your organization may be unable to fully perform operations for days, or even weeks. Resulting in immediate loss of sales and possible loss of customers who cannot wait until the problems are fixed. Also consider the inaccessibility of the website or software applications your customers and partners use. Especially for organizations where digital technology is an indispensable part of business operations (and who isn’t these days?), IT security is critical.
Legal damages in the event of a data breach
Were personal data of your customers, clients or employees leaked after a hack and security at your organization was not in order? Then you run the risk of victims claiming compensation for intangible damages incurred. Personal data should be processed lawfully and transparently and should not be kept longer than necessary. Furthermore, data must be secured by taking appropriate measures. That is the law. When the claim for compensation is awarded to one victim, it sets a precedent for other victims and the costs can end up being substantial.
Reputation damage
Even if the direct financial damage from ransomware, for example, is limited, a hack can still have financial consequences. Negative attention in the news due to a hack can cause significant damage to your organization’s reputation. The cost of reputational damage, such as from hacks, is difficult to determine. These depend in part on the type of hack and the industry in which the organization operates. Also, reputation is not always easy to measure.
But that the trust that clients, partners and even potential employees have in your organization can be seriously damaged in a hack is obvious. A data breach could put your customers’ and employees’ privacy-sensitive data out on the street. Stakeholders will therefore begin to see and value your organization’s actions differently. Not for nothing do many organizations keep a hack quiet.
Protect against hacks
Want to know how to best protect your organization from hacks? CaptureTech has put together a complete cyber security package. With the Cyber Shield solution, you are protected for a fixed monthly fee. We perform security scans, connect you to our Security Operations Center, secure your hardware, files and email, and train your employees on how to recognize phishing.
