According to the FBI, the three most common IT/OT (operational technology) infection vectors are email phishing campaigns (aka BEC or business email compromise), remote desktop protocol (RDP) and software vulnerabilities. While some hackers may intentionally want to bring down your production systems using the second and third vectors, “we’re only in it for the money” is a far better motive for breaking into your IT/OT systems—and what better way to do it than through the phishing emails scattered among the zillions of emails you get every day. Accidentally clicking on one email link can quickly connect you with ransomware—which can shut down not only your business system but also your production systems if they’re not protected.
Say you can’t afford to pay the ransom? Well, hackers have done their research—not necessarily in the latest and greatest cyber tools to shut down your business, but rather in studying your key personal contacts and the value of your company. Then they determine what you can afford to pay. After all, if they can make a deal that’s affordable, it’s a “win-win” for your company and them. You’re willing to pay and hopefully get the key to the encryption algorithm to unlock your files, and they pocket your money. Oh, and don’t worry, they’ll be back for repeat business unless you find a way to keep them out of your system. This is why the FBI and law enforcement groups discourage paying the ransom: it encourages criminal activity.