In May 2021, Colonial Pipeline temporarily halted operations, closing the spigot on a critical pipeline that provides 45 percent of the East Coast’s fuel. Service resumed after the company paid cybercriminals $4.4 million to release their data. Weeks later, JBS, a prominent US meat supplier, paid $11 million to restore operations at its processing plants. These high-profile cyber attacks are indicative of a growing trend impacting today’s organizations.
The cost and consequences of a ransomware attack are incredible, and they are also shockingly common. Most attacks never make front-page headlines as companies quietly pay exorbitant sums to recover access to their data or IT infrastructure.
There were more than 65,000 successful ransomware attacks last year, impacting a company every eight minutes. In fact, ransomware is such a prolific cybersecurity threat that it prompted the White House to issue an open letter to companies encouraging them to more urgently move to protect their digital assets.
As one particularly exasperated headline recently asked, “Are we waiting for everyone to get hacked?”.
It doesn’t have to be this way, but to avoid a costly attack, today’s businesses need to understand the ransomware threat while developing a defensive posture that meets this troubling moment.
Understanding the Ransomware Threat
Ransomware may be a popular trend, but it’s not a novel threat. The first ransomware attack took place in 1989 when an evolutionary biologist turned hacker mailed 20,000 malicious floppy disks to medical institutions. Today, ransomware, a malware strain that encrypts users’ computer data until a decryption password is entered, is simple to deploy and exploit.
A recent New York Times expose described a comprehensive ransomware-as-a-service ecosystem complete with technical support, negotiating services, payment processing, and other features. As the report notes, “Now even small-time criminal syndicates and hackers with mediocre computer capabilities can pose a potential national security threat.”
Critically, once a victim is infected with ransomware, they rarely have good solutions at their disposal. According to one assessment of the cybersecurity landscape, most ransomware strains are “impossible to decrypt unless there is an error in the code.”
However, threat actors rely on poor cyber hygiene to effectively distribute their software. For instance, the expensive and highly-publicized Colonial Pipeline attack was made possible by a single compromised account password. Meanwhile, some threat actors exploit vulnerabilities in buggy or out-of-date software to deliver ransomware. At the same time, many reach their targets through phishing campaigns, which have increased significantly since the pandemic’s onset.
For businesses, the costs can be exorbitant. While the FBI discourages companies from paying ransomware demands, recovery costs can be even more expensive, negatively impacting the bottom-line, regardless of the outcome. In addition, less-quantifiable but still harmful brand erosion and customer retention challenges increase the consequences for businesses, making a solution imperative.
How Businesses Can Respond
Given the severe consequences of a ransomware attack, businesses have every reason to fortify their defensive posture. Fortunately, many effective solutions don’t have to break the bank, and several simple maneuvers can successfully mitigate the risk of threat actors encrypting company data or IT infrastructure. This includes:
- requiring employees to regularly update account passwords
- prioritizing software updates
- enabling two-factor authentication whenever possible
- ensuring that anti-virus and anti-malware solutions are properly configured and operational
- securing backups and segregate them from primary systems
- creating a response plan should an incident occur.
These efforts are enhanced by strong software solutions, like robust firewall protection, that keep company networks secure. In addition, organizations should train their employees on the latest threat trends, equipping them with the capacity to identify and respond to potential threats.
Since companies have little recourse after a ransomware attack occurs, these defensive strategies are mission-critical, and businesses can’t afford to be lackadaisical in their implementation.
Responding to today’s ransomware crisis is an operational imperative for every business. Failing to adequately prepare puts continuity, customer experience, and sustainability at risk. However, you don’t have to navigate this threat landscape alone.
At Reis Informatica, we offer 24/7 service, helping organizations capitalize on digital technologies without compromising data privacy or cybersecurity. Contact us today to book a complimentary business systems assessment to uncover any risks, issues, or concerns with your network environment.