It only takes one wrong click and a matter of seconds to take out an entire company’s critical data. 2021 has seen a significant uptick in cybercrime and is likely to be labeled the worst year ever for data breaches. With a ransomware attack hitting a new business every 11 seconds, businesses of all sizes must put cybersecurity at the forefront of business strategy to stay ahead of threat actors. In this post, we’ll cover the top ransomware attacks of the year so far and what you can do to safeguard your data.
How Ransomware Works:
Ransomware is a form of malicious software (malware) that encrypts a user’s files and prevents victims from regaining access until they pay up. Even then, hackers may not relinquish your files – leaving you without cash or a key to access your data. This type of attack is often deployed through phishing emails containing infected attachments or links, fraudulent advertisements, social media sites and infected websites. A weak security posture, paired with uninformed employees and aged technology, creates the perfect storm for repeat targeting.
Ransomware in the News:
- On March 23, top U.S. insurance company CNA Financial Corp suffered a ransomware attack by hacker group Phoenix. The attack surfaced after an employee downloaded a fraudulent browser update that came from a legitimate website. The breach affected over 75,000 individuals. The company ended up paying $40 million in ransom to retrieve their encrypted data and restore their IT systems.
- On April 14, the Houston Rockets discovered unusual behavior within their internal network, leading them to swiftly take action to block the breach. Fortunately, the NBA team had security measures in place that reduced the impact of the cyberattack. The ransomware gang Babuk reportedly stole 500 gigabytes of data including player contracts and financial data.
- On May 7, major U.S. oil pipeline operator Colonial Pipeline underwent a ransomware attack that caused fuel shortages across the east coast. The cause of the breach? A compromised password from an unused virtual private network (VPN) account. With username and password in hand and no multifactor authentication set up as added security, hackers easily gained access to the pipeline’s IT network. Colonial Pipeline handed over $4.4 million to the Russian-affiliated hacker group known as DarkSide. In the end, they were able to recover $2.3 million with the help of the FBI.
- On May 30, JBS, the world’s largest meat processing plant, halted operations in the U.S., Australia and Canada due to a ransomware attack. Russian hackers known as REvil targeted servers supporting the company’s operations in North America and Australia, forcing them to pause operation at nine plants. The cyberattack impacted thousands of workers and caused disruptions to the food supply chain. In the end, JBS paid $11 million in Bitcoin to regain access to their IT systems.
- On July 2, Kaseya, an IT management software company, suffered a ransomware hit by REvil that exposed nearly 1,500 customers worldwide. The Russian hackers found zero-day vulnerabilities in Kaseya’s Virtual System Administrator software that companies use to manage endpoints and streamline their IT services. Hackers initially demanded $70 million, but Kaseya didn’t hand over a penny. Instead, Kaseya used a universal decrypting key to unlock files.
How to Safeguard Your Data:
Although the cases mentioned above are high-profile, ransomware strikes businesses of all sizes. Small to medium-sized companies are a prime target for cybercriminals because they tend to lack sophisticated cybersecurity solutions and are often an entry point to take down larger organizations. Below are seven ways to secure your endpoints and increase your line of defense against threat actors.
- Prioritize Cybersecurity – the benefits of investing in good cybersecurity far outweigh the costly impact of a data breach. Setting cybersecurity on the backburner makes you an easy target for cybercriminals. Having a dedicated IT team on hand 24/7 will strengthen your line of defense against cybercriminals looking for an easy victim.
- Create a Cybersecurity Plan – having an effective cybersecurity plan that outlines your company’s security policies and procedures will help you navigate the threat landscape. Cybersecurity plans address items such as company data and device usage, email security and confidential information, and provide an action plan if a data breach occurs.
- Offer Employee Training – providing cybersecurity awareness training to every person in your organization will help them quickly spot cyberthreats such as phishing emails and strengthen your human firewall for both onsite and remote employees.
- Update Operating Systems Regularly – Keeping devices up to date with the latest OS offers enhanced security and efficiency, and patches bugs and other vulnerabilities that may weaken your system.
- Have Backups – Always back up your IT systems and store those backups in a secondary location, away from the primary network. This allows you to recover data in the event of a disaster.
- Secure All Accounts – Always use a unique password for every online account. A strong password of at least 12 characters paired with multi-factor authentication provides a strong shield against hackers. Using a secure password manager will make it easy to store your library of passwords.
- Use Antivirus Software and Firewalls – while antivirus software is designed to detect and remove viruses from your computer, a firewall is a protective barrier that monitors and protects your local network from outsiders trying to gain unauthorized access to your computer. Keep both up and running to maximize your security.
IT security isn’t a check-it-off-your-list-once-and-you’re-done type of task. It’s an investment that requires ongoing strategy, commitment, understanding and cooperation from every individual within your company. By implementing good cyber hygiene, providing employee cyber awareness training and turning to the guidance of an experienced cybersecurity team, you’ll be better prepared to snuff out the flaming darts cybercriminals throw your way. After all, it’s not a matter of IF a cyberattack will come your way, it’s a matter of WHEN.