When the pandemic sent us home to work, there was an exponential increase in cyberattacks. While cyberattacks of every type increased, there was an explosion in ransomware attacks during the height of the global pandemic, which were up 150% over 2019 levels. The monetary amount paid by victims increased more than 300% during the same time. In 2022 and beyond, there is no time to waste.
There was also another dramatic increase in high-profile attacks, which affected critical infrastructure, municipalities, and private companies. Threats and attacks have become more sophisticated with ransom demands reaching 6 or 7 figures, as “bad actors” are seizing sensitive data and holding it hostage.
Ransomware attacks have evolved, and you need to act now to prepare your business for a potential attack.
Attacks Have Changed
Before COVID-19 lockdowns, ransom attacks typically involved only deploying ransomware, typically through a phishing email clicked on by an unsuspecting employee. This malware would encrypt the company servers, and a decryption key would be offered in exchange for ransom.
Today, the game has changed. Attackers have gotten more sophisticated and are focused on exfiltrating company information. These threat actors are often highly organized criminal organizations based in eastern Europe. They understand the company’s financial history, its industry, and how to exploit the company to maximum effect.
The hacker then follows up with a “pay or else” ultimatum. Next, the company is warned that if they choose not to pay their confidential data will be posted on the dark web. The company is left between a rock and a hard place. Either pay up or risk the release of sensitive, valuable information.
Reducing The Risk
There are several steps you can take to reduce your company’s risk of a ransomware event, and the damage if you are attacked, including:
- Having and reviewing your business response plan to understand who is responsible for what actions should an event occur.
- Review your cyber insurance policy to ensure that ransom is covered, and the level of coverage is appropriate for today’s reality.
- Enable multi-factor authentication on all accounts. Include social media, and make sure strong spam filters are in place.
- Establish a secure communication channel for senior management if a cyberattack takes down company systems.
- Train and educate your employees to identify phishing emails and the tricks that a bad actor might use to prompt action.
- Identify high-risk employees, for example, those with administrative access, who might unknowingly help perpetrate an insider attack.
- Assess your key vendor’s cybersecurity protocols, especially if they handle any sensitive or critical company data.
- Test your backup systems regularly and keep them segregated from all other company systems.
We’re living in an unprecedented time. Technology has evolved and so have the risks. Most senior management of companies that have been attacked say they never imagined they’d need to make ransom decisions to pay hackers holding their company hostage. Put a plan in place and take steps to reduce your risks to be prepared should the unthinkable happen.
About Logista Solutions
Logista Solutions is a nationally recognized leader in a broad range of technology management solutions. As one of the largest technology support providers in the U.S., Logista provides innovative and holistic solutions to help companies take control of their IT infrastructure and achieve better business outcomes. Popular services include Managed IT as a Service, VoIP and Unified Communications, Managed Print, Cloud Services and Asset Disposition.
