BitDefender posted about a college that is permanently closing due to a ransomware outbreak (post found HERE). We often hear about organizations dealing with ransomware, but this example shows how one outbreak can become the stick that breaks the camel’s back so to speak. The college was already struggling as many other organizations had been due to COVID19 so the timing for this attack couldn’t have been worse.
The key points I took away was first, the ransom was only 100k yet ended up being the final bullet to bring down the business. What sucks is the college eventually paid yet it still took over two months to get everything back hence two months of being crippled. Second, the ransomware encrypted critical revenue generating elements, which included data need to recruit, retain and deliver fundraising. The combination of recovering from the impact of COVID19, having to pay the 100k ransom and two plus month delays to generate income resulted in the closing of this business.
It’s sad to hear and hopefully can at least help other small to medium size organizations understand the risk of cyberthreats. Most adversaries don’t care about your history or current state of business. They just want to get paid regardless of what is destroyed during the process.