Ransomware has been a threat to businesses in every industry for years, but the number of ransomware attacks has increased significantly in the last few years, and there is no sign of the problem slowing down.
Since the COVID-19 pandemic took hold of the world in 2020, more than 750 healthcare providers have been impacted in the United States, with a collective recovery cost of nearly $4 billion, according to a piece by Information Security Buzz. The Ransomware Trends 2021 report issued earlier this month by the Health Sector Cybersecurity Coordination Center (HC3) under the U.S. Department of Health and Human Services shows that between Jan. 1 and May 25, 2021, there have already been a total of 82 ransomware incidents impacting the healthcare sector worldwide. Of those, 48, or nearly 60 percent, impacted the health sector in the U.S.
The healthcare sector is far from the only industry being impacted by ransomware attacks. The Colonial Pipeline Company, a U.S. energy company, suffered a ransomware attack that forced it to shut down its entire fuel distribution pipeline on May 7, 2021. The attack led to jet fuel and gasoline shortages along the eastern seaboard of the U.S. for a week before the company was able to restore service on May 12. The Eastern European hackers responsible extorted nearly $5 million from the company before the Federal Bureau of Investigation (FBI) became involved and recovered a significant portion of the funds paid by the company. This hack demonstrated how vulnerable U.S. energy and utility companies can be to ransomware attacks.
In addition to healthcare and utilities, food producers have also made the list of the 10 largest ransomware attacks of 2021 to date. Just last month, JBS Foods, one of the biggest meat processing companies in the world, experienced a ransomware attack by the Russia-based hacking group REvil. It was confirmed on June 10 that JBS paid an $11 million bitcoin ransom after consulting with cybersecurity experts. That payment became one of the largest ransomware payments of all time, according to CBS News.
The financial cost to businesses is becoming insurmountable. According to a recent survey by Sophos, the recovery costs after a ransomware attack have now reached nearly $2 million. That’s more than double the recovery cost just a year ago, according to the Sophos report.
So what is a business owner to do? For starters, you must know what you’re up against. Next, there are steps for preventing the threat from opening the door to your business. The cybersecurity professionals at ORAM Corporate Advisors have updated this guide to ransomware for 2021 so you can stop ransomware before it stops your business.
What Ransomware Is
Ransomware is a type of malware that targets the private files of your business. While other malware can cause annoying problems or do more destructive things such as reformatting a disk or deleting files, ransomware is different: it infects computers and restricts access to files, stopping businesses in their tracks.
When you run into ransomware, you will know it because it will notify the system’s user that the system has been attacked. The notification will come after the damage has been done and your information is already encrypted. A cybercriminal will use the ransomware to demand a ransom, typically money or cryptocurrency such as bitcoin, in exchange for the safe return of an organization’s files. If the funds are not paid, the cybercriminal responsible may delete or publish your private business files. Even if you do pay, you may still not get your data back, as the hacker responsible can simply take the money and run.
Like a virus that can attack the body, ransomware can attack an entire network. And like viruses, ransomware can morph and adapt from the way it spreads to the way it encrypts data. This means a business must approach protection on a multitude of fronts and be ready to adapt to new protections as they are developed.
Means of Protection
Your IT provider should offer you protection through at least six areas. By securing a variety of entryways and providing layers of protection, your business will be safer from all threats including ransomware. At ORAM, we take a six-step approach to protecting our clients against ransomware and other cyber threats.
The most basic layer of security is to monitor and patch all computers and applications on an ongoing basis. We address all known operating system security vulnerabilities with the latest patches. This measure is the first step in protecting your operating system, particularly when a flaw has been uncovered. Your company’s outside business IT partner or in-house professionals should be providing the latest patches to keep your operating systems running at peak performance while ensuring any system vulnerabilities are addressed.
Anti-Virus and Network Monitoring
Businesses are being targeted every day through a plethora of avenues: email, ad networks, mobile applications, etc. This is why the second part of a best-in-class security network employs both anti-virus and network monitoring. These two pieces of the security puzzle examine all traffic on your business network and all files. The anti-virus employs a filter to protect your network and files from all known threats. Your anti-virus should be updated regularly in order to identify the latest viral threats.
Backup and Disaster Recovery
One of the things cybercriminals bank on is that your business didn’t think ahead in terms of implementing backup and disaster recovery. That’s why this step is a must, especially where ransomware is concerned. There can sometimes be gaps between when a threat is introduced to your network and remediation of the full system.
To ensure that your data is safe, it’s best to have a full system backup in place to protect your back-office systems. This will enable your business to stay on top of things if and when an attack occurs and it provides a recovery option for unknown threats. In the event of a catastrophic failure or a ransomware attack, a good backup can get your business back online fast.
Though backup and disaster recovery provide a layer of protection for your back-office systems, businesses should also have backup and recovery of data for all devices. Devices such as laptops and tablets create, share, and store business data. Should a device become lost or a cybercriminal capture your proprietary data and sensitive information from these devices, your business will still be covered. This can have a significant impact on your business productivity and profitability. Your endpoint program should offer real-time data backup on such endpoint devices to prevent the compromise of business-critical information and keep your organization moving full-steam ahead.
Secure File Sync and Share
In today’s global society, being able to work remotely, collaboratively, and securely from any device anywhere is a modern business necessity. With the proper software in place, your employees can securely collaborate from any location on any device including their smartphones and tablets. Such a system can allow you to grant access and editing controls for specific documents including those in Word, Excel, and PowerPoint. Such software also allows you to recover documents employees may have accidentally deleted or that have been lost due to malicious activity.
Education and Awareness
One of the best steps you can take in protecting your business against ransomware or other digital threats is to educate and train your employees. With proper cybersecurity awareness training, you can turn your employees into your most important layer of defense. They should be trained and provided with educational materials about cybersecurity risks, new ransomware strains, and the best practices for spotting phishing attempts, suspicious emails, and other security risks. Additionally, they should be provided a simple and quick way to report any suspicious activity. By empowering your employees with such training, they can become proactive in the fight against cyber threats to your business.
The threat of ransomware is only expected to get worse. The total global cost of ransomware attacks is expected to exceed $265 billion by the year 2031, according to a June 4, 2021, report by WBOC. This is why it’s imperative for businesses to stay ahead of cybercriminals when it comes to security.
While such protection may seem overwhelming, it’s nothing when compared with the downtime, stress, and financial cost of dealing with a ransomware attack. If you need assistance in protecting your business against ransomware, contact ORAM Corporate Advisors today for a free, no-obligation consultation at (617) 933-5060.