Alvaka Networks in Irvine says schools and healthcare organizations have become targets of ransomware attacks, as cybercriminals prey on organizations that don’t have the money to pay for sufficient protection.
Ransomware—invading the computer system and demanding money to restore data and normal usage—affects businesses, governmental bodies and organizations.
Alvaka is working to mitigate those attacks and help companies restore losses.
“We’re working with some of the largest law firms and insurance companies in the world,” according to Kevin McDonald, Alvaka’s chief operating and chief information security officer.
Alvaka had its most successful quarter on record, “primarily on the back of rescuing people from ransomware,” McDonald told the Business Journal on Aug. 17.
“We have gained a global reputation for being in the top tier of ransomware rescue.”
The company counts 40 years in business and about 55 employees.
“One of the largest recovery expenses that we’re aware of in our support was over $200 million,” he said. That covered ransom, recovery, lawyer fees, equipment and related costs.
“The average reported ransomware payment in 2022 was $4.7 million,” the Federal Reserve Bank of Atlanta said in March.
Earlier this year, Alvaka was chosen for a program to boost cybersecurity protections for California’s water resource entities that seek affordable insurance coverage to guard against potential attacks.
Prevention, Recovery
In 2022, organizations around the world detected just over 493 million ransomware attempts, according to data and business intelligence platform Statista. The number decreased from 2021, Statista said.
Determining the total amount of ransomware paid is extremely difficult, though it’s estimated to run into billions of dollars globally.
Some organizations choose to pay the ransom to restore their stolen data in lieu of reporting the attack, while other organizations choose to not report attacks because of concerns over reputation, according to Statista.
“Fewer people are paying,” McDonald said. “There’s a lot of companies that have just said ‘I’m not paying.’”
Even if a company chooses to pay, there’s no guarantee it will get its data back.
McDonald notes that cybercriminals used to be consistently “efficient” with capable teams, but that has changed in recent years.
“The software they used to attack their victims has now been released to people that are far less qualified, far less professional,” he said, adding that recovery rate from an invasion can be below 50%.
Alvaka handles both ransomware prevention and recovery.
Most attacks stem from outside of the U.S., according to McDonald, with the field dominated by cybercriminals from Russia.
Playing Field
Alvaka is one of several in Orange County focused on thwarting cyberattacks.
Others based here include Irvine’s SecureAuth, which specializes in multi-factor authentication for system entry, and Cisoshare in San Clemente.
SecureAuth is focusing on its passwordless continuous authentication solution, Arculix, to introduce a more secure login process for customers. The firm last month announced new partnerships with Idmworks and Opkalla to roll out Arculix to new markets.
CrowdStrike Holdings Inc. (Nasdaq: CRWD) started in Irvine in 2011, and despite its move to Sunnyvale in 2017, still had 337 employees in Orange County as of January.
The firm, which is now based in Austin, Texas, has an AI-powered platform designed to protect more than 23,000 clients from security breaches.
CEO George Kurtz credited the platform, dubbed Falcon, for helping revenue jump 37% to $731.6 million during the second quarter. The platform contributed nearly 20% of the firm’s total $3 billion annual recurring revenue during the quarter.
“The Falcon platform has not only become the standard for delivering AI-powered cybersecurity, it has become the foundational cybersecurity platform for our customers,” Kurtz said during an earnings call with analysts.