You may recall in September that it was reported that the City of Woodstock suffered a breach. At the time, it was unknown if there would be a demand for ransom. It has been recently been disclosed that there was a demand for ransom, but that the city opted not to pay it. The city’s Chief administrative officer David Creery told CBC news, “We have a very diligent IT team that has a ritual of backing up all our systems. So, we didn’t feel like we should be paying for something we already had. If we had reached out and paid ransom, we would have gotten the keys back to our network faster, we would have been able to get back our system quicker, but we would have been working with a system that can’t be trusted.” As it stands, the city paid $560,000 to cyber security firm Deloitte, which helped them contain, investigate, and recovery from the breach. the city also spent nearly $55,000 on overtime compensation for staff and $31,000 on firewall and network support. While the costs are staggering, things could have been worse if they weren’t as diligent as they were with their data backups. If the costs seem high to you, then your organization would do well to regularly review its cyber security standards to prevent ransomware from finding its way on networks. It seems over and over phishing scams are a prominent delivery vector for malware and ransomware onto networks. Any organization that wants to prevent this type of thing from happening to them, would be wise to invest in phishing awareness training for all staff. Contact Uzado today to learn how our phishing awareness service can help your organization.