Cybersecurity threats are rising every year, the one to be aware of in 2021 is ransomware attacks.
Last year the CFO of a small company in Kentucky went to the office to find that the company’s 8 PCs were out of commission due to a ransomware attack. It was that day that company management realized just how dependent their critical processes were on computers. Suddenly, the 25 employees that worked on the factory floor couldn’t perform their job duties and everything grinded to a halt. This isn’t the kind of thing that is supposed to happen to a small company in a rural area, except it did happen. Ransomware is a constant threat to all businesses, big and small. In fact, according to a recent survey, 46 percent of all small business were targets of ransomware last year.
Thankfully, the company didn’t store any personal data or proprietary information so the only consequence of the attack was the abrupt work stoppage. Still in the end, the CFO decided to keep the legal authorities out of it and negotiate a ransom settlement to get the business up and running as quickly as possible. With the help of a highly experienced third party that they were referred to by their insurance company, they were able to negotiate a settlement of $150,000 and their data was restored. The hackers behind this attack even supplied a custom service rep that guided them through the entire decryption process. One of the reasons why small business are increasingly attacked is their propensity to pay. It is estimated that 73% pay the ransom in the end. The company from Kentucky should feel lucky as only 17% of small companies have had their data fully restored.
In a recent article in article in SecurityToday.com, a panel of 50 senior cybersecurity professional were asked whether COVID-19 or Ransomware was a bigger threat to their business. Some may be surprised that 60% of respondents cited ransomware. While COVID-19 can certainly present potential disruptions and challenges to your business, a successful ransomware attack can shut down all of your operations in an instant. Like COVID-19, ransomware is a global epidemic. Unfortunately, there isn’t a simple vaccine.
According to the 2020 State of Enterprise Security Posture Report by Balbix, an overwhelming 89% of CISOs believe that phishing induced ransomware attacks pose the greatest threat to their organizations. The exploitation of vulnerabilities created by unpatched systems was a distant second (53%). Some of the other findings in the report indicate some of the reasons why ransomware attacks are so effective. Lack of visibility is a major problem as 60% say there are aware of fewer than 75% of the devices on their network. It’s difficult to recover quickly from a ransomware attack if you don’t know what machines are affected. In addition, 80% of organizations provide more access privileges than their users need to do their job. The blatant practice of assigning local admin rights to users makes it easy for attackers. When users click on a link or attachment that initiates a malware infestation, the installed malware inherits the rights of the user.
While the implementation of a well designed multi-layer cybersecurity strategy that includes email and web filtering is critical in preventing ransomware, it is just as important to conduct an investigation immediately after a ransomware attack. According to the National Cyber Security Center (NCSC), a large company was forced to pay a ransom of $6.5 million after their operations were crippled by a ransomware attack. Unfortunately, the company failed to make any effort to identify just how the attackers were able to pull off the attack so effectively. Sure enough, the same perpetrators redeployed the same attack two weeks later. Once again the company’s operations came to a stand still and once again they had to pay a ransom.
The NCSC provides guidance concerning the mitigation of ransomware attacks. They include the following steps:
Ransomware is now the #1 cybersecurity threat to organizations of all sizes and industries. Learn how SpamTitan and WebTitan can help prevent ransomware from crippling the operations of your organization. Contact TitanHQ today.
Sign-up for email updates...