The Big Disaster: Protection From Vicious Cyberattacks
Cyberattacks are on the rise. Don’t let your organization fall victim to one. Learn how your organization is at risk and how to safeguard your business.
It’s scary, and not everyone’s favorite topic, but let’s face it, there are highly motivated malicious actors who spend all their time trying to hack into your organization, either for financial gain, or malintent. I liken it to COVID – it’s not a matter of IF you will get the virus, but WHEN. You know all about the virus (cyber and human), you’ve safeguarded with vaccines and other precautions, but you must stay constantly vigilant to protect yourself. When you do suffer from COVID or a cyberattack, you can’t operate at top performance, and you don’t know what the long-term effects will be.
How do they get in? The most common ways are an old, unpatched vulnerability in a system; a phishing email that successfully fools an employee; the use of access credentials purchased or obtained from data leaks, any number of Ransomware-as-a-service (RAAS) groups, or other tactics employed by cybercriminals to infiltrate a company’s network. Organizations are most vulnerable when there’s a siloed IT department, employee changeover, or when they’ve just been hit by a cyberattack, are halfway back up, and are hit again.
The most famous recent attack was in 2021 when Colonial Pipeline, one of the largest pipeline operators in the United States providing roughly 45% of the East Coast’s fuel, including gasoline, diesel, home heating oil, jet fuel, and military supplies, was attacked.¹ A ransomware outbreak, linked to the Russia-based DarkSide group, struck Colonial Pipeline’s networks, and operations were fractured for over a week. The hackers “exfiltrated” material from the company’s shared internal drive via an account which was not protected by multifactor authentication and demanded approximately $5 million in exchange for the files. Within hours after the attack, the company paid a ransom of nearly 75 Bitcoins ($5 million) to the hackers in exchange for a decryption tool, which proved so slow that the company’s business continuity planning tools were more effective in bringing back operational capacity.
The Colonial Pipeline incident and the events and announcements discussed above shed light on how organizations can prepare for, and respond to, ransomware and other cybersecurity incidents that involve similar attack vectors and unauthorized access by cyber criminals.
The number of cyberattacks per week on corporate networks increased 50 percent in 2021 compared to 2020, peaking at an all-time high in December. The number, intensity and variety of these attacks are increasing in 2022 as cybercriminals continue to devise new strategies to launch sophisticated attacks.²
In response to the Colonial Pipeline attack, and other high-profile attacks, President Biden signed an executive order on May 12, 2021, to increase software security standards for sales to the government, tighten detection and security on existing systems, improve information sharing and training, establish a Cyber Safety Review Board, and improve incident response.³ The United States Department of Justice also convened a cybersecurity task force to increase prosecutions.
The 18-page order includes numerous ambitious requirements with deadlines ranging from 14-360 days and is divided into sections relating to, among other things:
While it pertains specifically to federal networks, in taking a bold step to chart a new course, the order encourages “private sector companies to follow the Federal government’s lead and take ambitious measures to augment and align cybersecurity investments with the goal of minimizing future incidents.”
Although any organization is a potential target, many malicious actors go after small businesses thinking that their security is not as iron-clad. Typically, smaller organizations have not invested as much money into disaster recovery and business continuity as larger companies. Among small businesses with fewer than 250 employees, the average reported cyberattack cost was about $25,600, according to a 2021 report from Hiscox, an insurance provider.⁴ That amount could be enough to shutter some small firms. Cybersecurity Ventures expects global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015.⁵
“Cybercrime is very opportunistic,” says Nathan Little, vice president of digital forensics and incident response for Tetra Defense, a cyber risk management company that assists insurers and companies in preventing and recovering from cyberattacks. “Every company, no matter what the size, is an opportunity for a cybercriminal to make some kind of money.”
Larger organizations as well as government entities are not safe either, as demonstrated by Colonial Pipeline, as well as Wal-Mart or the recent New Hampshire school system breach. Attackers also infiltrate through trusted vendors who have not properly safeguarded against attacks.
Many organizations lack an appropriate level of preparedness to defend against disastrous attacks. Even firms that have invested in cybersecurity broadly may be unaware of how to prepare for, and defend specifically against, ransomware attacks. There are many ways to protect your organization from cyberattacks, but these are the top ones, based on my experience.
The most significant risk for cyberattacks at your organization is the end user. A team of hackers can unleash the most potent cocktail of malware on a system, but if no one opens it, the attack is rendered useless. The biggest threat is weak passwords. Hackers are sophisticated and have moved beyond guessing your favorite ice cream flavor or your childhood pet to installing ransomware which efficiently attempts every combination of letters, numbers, and characters.
As businesses have shifted to remote or hybrid work environments, it’s smarter than ever to move to the cloud for anywhere, anytime access. Microsoft Azure is built on a foundation of trust and security. With significant investments in security, compliance, privacy, and transparency, Azure provides a secure foundation to host your infrastructure, applications, and data in the cloud. Microsoft also provides built-in security controls and capabilities to further help you protect your data and applications on Azure.
Not quite ready to move to the cloud? We regularly help customers with on-prem security measures, as well as a roadmap to the cloud.
If a client has been breached, the very first thing we ask them is if they have their data backed up. Of course, this happens automatically in the cloud, but for on-prem or hybrid customers, it’s an important question. It can mean the difference between a dead-in-the-water or business-as-usual scenario. In addition to ransomware attacks, you need a backup in case of system crashes, hard drive failures, theft or simply human error. Your data is too precious to lose.
Many businesses are now required to purchase cybersecurity insurance, especially if they store important, sensitive customer information such as phone numbers, credit card numbers, Social Security numbers, or HIPAA information.
Right now, drop everything, and perform this simple checklist to better safeguard your organization.
Additionally, I recommend taking this quick assessment to see where there may be holes in your security operations. Get in touch, and let me know if we can partner with you to look at your current security measures and make recommendations. In the meantime, STAY SAFE out there!
References
Velosio Viewpoint LIVE: The Big Disaster - A Campfire365 Podcast Recap