I am no technology expert, but we got hit with Avaddon last August.
It was a sharp and steep learning lesson..
To all the people on here dribbling political crap, get over yourselves and understand the vulnerability of where we all sit.
We lost every engineering drawing and document the business ever created (essentially an engineering business) quotes, job photos and documents and most other electronic documents. We did not lose all transactional data or relatively recent emails although we did not have access to them for a few weeks.
We chose not to pay the ransoms and start again.
Thankfully we are in a pretty robust business, however if you were tight already it would be death for many business.
We engaged 3rd party to try and unencrypt data all to no avail (quick way to spend big bucks, get your kids into it).
Prime issue was our IT company had really crappy practices and we did not have great training.
resolution.. new hardware, latest software, mfa, updated regulay and properly, AV, 3 layers of protection Carbon Black, MS365, and can’t remember the other) with ai to trap email.
Its a bit clunky but Lucky to get 1 spam email a month now.
We paid for another 3rd party to try and break in and are tendering for IT services that meet Fed Govt ‘Essential Eight’.
https://www.cyber.gov.au/acsc/view-all-content/essential-eightPeople need to understand that this is not a nuisance or political football, it is actually an economic threat to how we live and work.
Many businesses wouldn’t survive this impact and those that do won’t all be able to afford best practices.