You may have seen cybersecurity popping up more in your news feed lately. Possibly even in a recent segment on your local newscast. This is due to two major attacks that have far-reaching consequences.
Many data, network, and email security professionals have seen this coming for a while. Hackers have been honing their skills, branching out into offering Ransomware as a Service, and conducting more sophisticated attacks using AI.
What’s happening now could be called a “cyber pandemic,” that’s spreading rapidly.
A few trouble statistics that illustrate the rising threat:
- Over the last two years, 83% of companies have been hit with a firmware attack.
- Phishing attempts have increased 364% between 2019 and 2020
- Early 2021 saw a 102% increase in ransomware attacks over early 2020.
What has caused cyberattacks to jump to the top of the priority list for many organizations recently? Two high-profile attacks that happened in May 2021.
Colonial Pipeline Cyberattack
The ransomware attack on Colonial Pipeline caused a nationwide rise in gas prices to an average of over $3.00 per gallon. That’s a level they haven’t been at since 2014.
The attack also caused widespread outages of gasoline across the East Coast due to the shutdown of operations at this major pipeline for about six days.
What happened?
On May 7th Colonial Pipeline, which supplies about 45% of the East Coast’s petroleum-based products like gasoline and diesel fuel, was hit with a ransomware attack on its technology systems.
This caused the pipeline to have to shut down operations. That had a near-instant ripple effect as people began panic-buying gasoline from fears there would be a shortage.
Just shy of a week later, the pipeline began operations after doing what over half (56%) of ransomware victims do, which is to cave to the hackers and pay the ransom.
This underscores that even larger corporations that you think would: a) have ransomware protections in place; and b) have backup data that could be quickly restored, may not have either.
The payment of the ransom to hackers (which in Colonial’s case was in the neighborhood of $4.4 million), is why ransomware is getting worse. It’s growing in volume and amount of ransom demanded.
JBS SA Cyberattack
On the heels of the Colonial Pipeline attack was another ransomware attack, this one on JBS who is the world’s largest meat producer and owns brands like Pilgrim’s Pride, Swift, and Certified Angus Beef.
The FBI attributed this attack to a well-known Russian criminal organization called REvil.
Several JBS plants had to stop operations for several days as the company worked to restore its technology systems. It’s not yet known whether JBS also paid a ransom to regain access to its data.
All of the company’s U.S. beef plants as well as plants in Australia and Canada were impacted by the shutdown. This is an example of another cyberattack with far-reaching consequences as this one could potentially impact meat supply and food prices.
What Should You Do About Ransomware?
No company is safe from a ransomware attack, no matter how small or large. Unfortunately, this type of attack is both one of the most devastating to the victim and one of the most lucrative to cybercriminals.
The best preparation is a two-pronged approach that includes both mitigation and disaster recovery.
Mitigation
Preventing a ransomware attack, as well as other types of attacks, should be a major priority for any business. The cost of cyberattacks can often pose an existential threat to smaller businesses.
Between 2020 and 2021, the average cost to remediate a ransomware attack has skyrocketed from $761,106 to $1.85 million.
Companies need a combination of basic cybersecurity best practices and advanced measures designed to match AI-driven attacks. These include:
- Managed updates
- Managed Antivirus/anti-malware
- Next-gen firewall with advanced threat protection (ATP)
- Remote worker safeguards like mobile device management and VPN
- Ongoing employee training on phishing, malware, and data security
- Managed cloud security
- Password security and use of multi-factor authentication (MFA)
Disaster Recovery
Data backup and recovery are vital to ensuring a speedy return from a ransomware attack and to avoid having to pay the ransom. Some companies with a backup will still pay the ransom because they don’t have a good recovery function in their backup solution.
You need to ensure any backup system you use takes a full image backup and can quickly recover your data to a device once it’s cleaned of any malware. It’s also advisable to run cybersecurity drills, where your team practices the response to a cyberattack, including doing full data recovery.
According to IBM security, simply having an incident response plan and a practiced team in place can reduce the average cost of a data breach by 48%.
Schedule a Security Assessment Today to Ensure You’re Properly Protected
Unity IT can provide your Fresno area business with a full IT security assessment to review your current safeguards, identify vulnerabilities, and provide recommendations to address any weaknesses.
Contact us today to schedule a technology consultation at 559-297-1007 or reach out online.