Here are the facts: Every week there’s news of new breaches that impact global companies, major government institutions, and agencies. Unsurprisingly, attacks are on the rise with the United Nations reporting a 600% increase in malicious emails sent over the course of the pandemic. IT researchers report that over 450,000 new pieces of malware are detected every day. With the threat landscape increasing at these rates, IT security professionals need to ask themselves:
These questions should form the basis of risk determination for any company, but more often than not they’re not even being asked. In fact, organizations are failing to take care of so many basics that cybersecurity today is as much about changing the prevailing mindset as it is about simply upgrading the technology. This starts at the top.
Hackers are not just targeting Fortune 500 companies, they are hitting all organizations. Today’s small and medium businesses owners often assume nobody will go after them because they’re too small—but it’s a numbers game. Simply put, ransomware goes after the largest possible number of vulnerable targets. This helps explain why SMBs are in reality. getting hit with the lion’s share of ransomware attacks and data breaches. 50% to 70% of attacks hit small and medium businesses and 70% of all ransomware instances over the last 24 months have been in the mid-market. Every company no matter how large or small needs to focus on cybersecurity.
Watch this video to learn why effective data protection requires more than just a backup product and how Anexient can help.
Ransomware has evolved to become easier for bad actors to embrace. In fact, it has become a service (e.g., RaaS – Ransomware as a Service). Beginning in 2012, criminal divisions arose that included:
This perfect storm led to a rise in ransomware in 2014 that included CryptoLocker and Locky. Though crude by today’s standards, they worked well. They locked corporations out of their data and people were willing to pay to get it back. But those attacks were primarily directed at an endpoint: a workstation or individual machines. When the victimized businesses realized this, they stopped paying the ransom and just reloaded their machines.
Then in 2018, attackers had some success going after servers to get at the source of the data which increased the likelihood a ransom would get paid. To combat this, companies improved their backups and added insurance. But in response, attackers started asking for higher ransoms, since they knew it would be covered by cyber insurance—which then drove up the cost of cyber insurance.
Far more devastating is that over the last eighteen months, attackers have also begun targeting and stealing data. Now ransomware attacks are also data breaches. This secondary extortion is often designed specifically to negate the value of good backups. Organizations have to pay to prevent their data from being exposed. Recall the meat supplier, JBS, who paid $11M to prevent their data from being made public.
Simply put, today’s cybercriminals are no longer dominated by the metaphorical script kiddies living in their parent’s basements. They are employees of fully-organized criminal groups operating through ransomware as a service model. The economic drivers on the criminal side are just too powerful, so they will come after you no matter what size or type of business you run. And the fact that they can use RaaS as the tool of attack means that the number of attackers can increase exponentially, year over year.
Download our infographic to learn if your data protection is modern and efficient.
Criminal groups will now advertise their breach directly to your customers by posting your name on a shame website. This represents the third extortion. They will attempt to induce payment by talking to victims’ business leaders, quoting from financial documents and stock value reports. In certain cases after a non-payment, criminals have even turned their victims over to regulators! All of these are the (exceedingly public) ways these organizations are attempting to get paid for the attack they just successfully completed.
Cyber insurance companies have already pushed back by raising rates and refusing to insure companies against ransomware. This means companies must immediately devise new solutions to protect themselves. However, the problem is that the marketplace is so flooded with cybersecurity products that companies are too overwhelmed to find a good solution. While we can expect some compression of the cybersecurity market over the next year as bigger companies acquire smaller organizations, the fact remains that IT personnel need to follow a set of strict best practices no matter what their IT security posture looks like.
For more strategies on protecting your organization against modern threats, listen to our podcast with HPE:
Setting best practices is about understanding what you have. What’s valuable to you and taking the appropriate actions to protect it. Where do you start? By conducting a risk evaluation, such as NIST 800-37 or the recently published draft document NISTIR-8374.
Often senior executives don’t understand the risk that ransomware poses—or have a hard time believing the risk is real. A risk assessment enables senior executives to understand the organization’s various risk levels e.g. critical, high, and moderate risks. Conducting a risk assessment and adopting a risk management framework will help leadership set policies that will ultimately build a culture of security within an organization. This radical adoption and change in mindset are fundamental to operating in the digital age.
Remember what we said up top: This is a numbers game. Every company has a 25% chance of being hit by ransomware in any given year. Preparation will lead to a much better outcome than waiting for the critical level to happen and then trying to respond on the fly. Consider these best practices to form a preparation framework:
First: you need to get over the hurdle of thinking you’re not going to get hit. Remember that this is a numbers game—you are going to get hit! Protect your organization by downloading our 7 Steps to Ransomware Defense infographic.
Need help evaluating where your risk is? Contact us to analyze your people, business processes, and supporting technologies to create a prioritized risk register that tells us exactly what we need to do and exactly what you need to protect. It’s all about managing risk.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.