The Ransomware Problem
The recent headlines around the Colonial Gas Pipeline ransomware attack are yet another canary in the coalmine broadcasting the importance of routinely assessing your organization’s security readiness. Estimates put the total paid out to the hacking group behind this attack at around $90 million before they were shut down. As long as organizations remain susceptible to these attacks and, more importantly, keep paying the attackers, this threat will continue.
There were over 304 million ransomware attacks in 2020. Not all of them resulted in the attackers successfully extorting money from victims, but according to Coveware, a ransomware remediation service, the average ransomware payment grew to over $220,000 in the fourth quarter of last year.
Ransomware consistently ranks as one of the largest and fastest-growing security threats, with a massive 62% spike in attacks in 2020 compared to the year before, according to data in SonicWall’s 2021 Cyber Threat Report. The report also highlights how the impact of a global pandemic and record-high cryptocurrency prices combined into a perfect cyber-storm driving ransomware attacks to new heights–and that storm is showing no signs of easing.
The Cost of Ransomware
The cost of ransomware is not only limited to the amount of the attempted extortion, but hidden costs can further drain resources from a targeted business. For example, a recent report from Carbonite + Webroot reveals that 46% of ransomware targets indicated that their clients were also affected, which could have long-lasting impacts on the financial stability of all involved. Additionally, and most terrifyingly, the report discloses that 17% of victims could not recover their data after paying the ransom, which would be a catastrophic consequence for most organizations.
While these statistics are sobering and should be taken extremely seriously, there are measures that your organization can undertake to protect itself.
Defense As a Culture Shift
Effective protection against ransomware and similar threats requires a multi-layered approach, commonly referred to as defense in depth. With this tactic, numerous levels of security products and services are interwoven to create a robust barrier designed to thwart attacks. In addition, it should be noted that a dedicated cybersecurity insurance policy, with appropriate provisions and coverage to protect against ransomware and other security events, is also a necessity moving forward.
Whether it has been in the past or not, a strong cybersecurity posture should be a leading driver of not only your organization’s IT infrastructure but across your enterprise. Cybersecurity readiness needs to be valued at every level and by each team member. Cyber attackers understand that an organization is only as strong as its weakest link, and they will exploit any gaps or vulnerabilities that might exist.
Gone are the days when the function of cybersecurity is the sole responsibility of the IT team. Securing an organization from cyber threats is a team sport and requires education, awareness, and participation from all. No employee would think of leaving the front door wide open for thieves without locking up for the night. That same concept needs to be translated to less tangible assets as well. It might be a culture shift, but the change is necessary to secure an organization’s continued success.
When asked, “Who is responsible for cybersecurity in our organization?”
Every employee should answer, “ME!”
How Protected Is Your Organization?
To assess your vulnerability to ransomware and other cyber-attacks, consider the following questions.
- What is the current cybersecurity posture for your organization?
- How prepared is your organization to protect against ransomware or other security incidents?
- If you were hit by ransomware, how quickly could you recover?
- Are you and your staff trained and aware of your incident response plan to respond to a security event?
Based on your answers to these questions, here are a few key topics and questions to help you examine and assess your cybersecurity readiness.
Cybersecurity Education and Training
Does your organization have the following education and training opportunities in place?
- Ongoing education and training for all employees
- Social engineering, phishing, and other testing for employees
- Tabletop exercises and simulations
Security Policies and Procedures
Do you have established cybersecurity policies and procedures, and are employees aware of them?
- How do users report a suspected security incident?
- Do users have a mechanism to report suspicious emails and other items to IT?
IT Policy and Technical Controls
What is your organizational practice for the following?
- Policies (DR/BCP, Incident Response, AUP, etc.)
- Device Lifecycle Management (MDM, MAM, etc.)
- Authentication policy (Password Policy, SSO, MFA, etc.)
What would you do if your organization experienced exposure?
- How do you track/scan for vulnerabilities in your IT environment today?
- What is your patching/maintenance cadence to remediate vulnerabilities found?
- Are all your assets identified and accounted for?
Comprehensive Cybersecurity Protection
Mitigate your potential exposure to ransomware by utilizing an MSP with expertise in cybersecurity. Coretelligent’s CoreArmor solution unifies key security technologies into a single cohesive platform to provide expert monitoring and response across the entire environment—from critical infrastructure, servers, and endpoints, to cloud applications and services. As a result, your organization will not need to deploy and manage multiple vendors or products to effectively detect and prioritize the latest threats that put your business at risk.
Reach out to Coretelligent today and let our experts assist with mapping out and enhancing your cybersecurity posture to ensure your organization stays out of the ransomware spotlight.