Ransomware on the Rise: 5 Ways to Minimize Risk to your Organization

For years, cybersecurity experts have warned of attacks that could directly affect businesses. However, many companies are pushing preparations for potential attacks behind what are seen as more pressing daily priorities. Now, the threat has become very real as cybercriminals are getting more sophisticated and targeted with their attacks using ransomware to destroy critical infrastructure and exploit organizations for money.

COVID-19 has changed cyber priorities

The pandemic has weakened preparedness for the threat across all industries. As workers moved into off-site environments, hackers had many new and vulnerable entry points to use to their advantage. Every day, hackers are gaining more tools and developing improved strategies to more easily bypass corporate firewalls and gain access to confidential data. The pandemic has rapidly changed our work environments, and a lack of accuracy around security protocols has put many companies at greater risk than ever.

A recent hack disrupted the entire US East Coast when the fuel supply was cut off after a gang of criminal hackers broke into the company’s security system. The pipeline provides a large supply of gas to the east coast and due to the shutdown, millions of people were left without access to gasoline causing panic among consumers.

The breach led to the spread of ransomware attacks and highlighted the dangerous repercussions that a security attack can have on our way of life. Attacks on critical infrastructure such as utilities, communications, healthcare, emergency services, etc. are expected to increase, fueling changes in national cyber doctrines and defensive measures that nations will take.

These types of attacks certainly won’t be the last. As the world emerges from the pandemic, expect to see escalating attacks on the supply chain. In fact, a worrying indicator shows that 53% of organizations do not prioritize investments in supply chain security.

Private companies and the retail sector are showing increasing risks

President Biden recently signed an executive order to help strengthen the federal government’s cybersecurity defenses, an important step toward prioritizing cybersecurity. Where the government has taken such steps, private companies are still playing a catch-up role.

A global study commissioned by Wipro found that over the past year, 86% of all nation-state attacks in 2020 were classified as espionage, and 46% of them targeted private companies. The study also indicated that some industries such as healthcare, energy and manufacturing have become prominent targets for cyber attacks. The retail and consumer sectors, for example, carry the highest risks: Forty-seven percent of all suspicious social media profiles and domains were active in the retail and consumer sectors.

In an additional indication that the pandemic has led to an increase in cyberattacks, INTERPOL found that between January and April 2020, an INTERPOL private sector employee discovered approximately 907,000 spam messages, 737 incidents of malware and 48,000 malicious URLs, All related to COVID-19. partners.

Cybercriminals are becoming more and more sophisticated in their attacks, and the ease with which they launch an attack is increasing every day.

Brands in these sectors are increasingly concerned about the repercussions of violations with 75% of companies saying they are concerned that a bad cyber event could damage the brand’s reputation in the market.

Artificial intelligence and machine learning are the future

As companies search for solutions to cybercrime, many have turned to artificial intelligence, machine learning, and the Internet of Things. Organizations often have little confidence in their ability to successfully protect data with 59% of surveyed organizations aware of their cyber risks, but only 23% were confident in their ability to prevent cyber attacks.

Sophisticated technologies such as automation are essential for companies to improve detection time, triage, and response in the event of a potential attack. This may explain why 35% of organizations say their cyber investments focus on security automation, which is the top priority among many of the studies surveyed.

It is imperative that more organizations implement dynamic solutions to combat cyber attacks by building a first line of defense that frees workforces and creates efficiencies.

  1. Evaluate the current state of your safety net and solutions to identify areas of strength and weakness.
  2. Review your IT architecture and debug workstations, implement multi-factor authentication and privilege account management where necessary.
  3. Enhance existing operational technology (OT) and IoT environments using network segmentation and updated policies.
  4. Implement a rigorous security awareness program that allows all employees to be active participants in the organization’s ongoing cybersecurity hygiene.
  5. Ensuring business resilience and continuity with a robust incident response and crisis management structure that places equal emphasis on response and recovery as well as detection and prevention. An essential step in the cyber resilience journey is to assess existing IR readiness to detect, contain, recover and investigate security incidents followed by assessments (exercise on table, scenario-based assessments, etc.) Make sure to apply advanced backup technology, which will protect your backups from ransomware and restore data when necessary.

The pandemic of the past two years has proven to be a major disruption factor, highlighting many flaws in cybercrime preparedness in many industries. However, there is an opportunity for government and business leaders to fix the loopholes and prepare for the future. Supporting good automation with best practices will ensure that organizations are prepared for success against future attacks.

Leave a Comment