Reducing your susceptibility to an attack will make you a less attractive target to financially motivated cyber-criminals. This article from CIO, by Rick Grinnell, provides advice to managers concerned about their companies' vulnerability to ransomware and other schemes.
As organizations adjusted to pandemic-induced remote work, cybersecurity experts worried that cybercriminals would take advantage of relaxed security habits and that the result could be massive cyberattacks.
Well, during the worst of Covid-19, phishing campaigns skyrocketed, many of them centered on coronavirus concerns, testing, and later, on vaccines. And now we are seeing the impact of those campaigns – a surge in ransomware attacks. Sophos has reported that 51% of organizations worldwide were the target of a ransomware attack in the past year, with criminals successfully encrypting data in 73% of these cases. Not only does it seem like each new ransomware announcement is bigger than the last, but we’re seeing how ransomware can impact everyday life. After a short reprieve, threat actors have resumed their assault on healthcare, taking down access to patient data and to equipment like MRI and X-ray machines.
While many of the attacks have targeted small and mid-size businesses – even my local veterinarian had their records encrypted – they also have gone after bigger fish, most significantly in the critical infrastructure pond. The Colonial Pipeline attack created a panic that led to gas shortages. Cybercriminal groups like REvil have shut down food-source supply chains and are now responsible for the latest ransomware attack on software vendor Kaseya, which has impacted hundreds of companies worldwide. REvil is extorting $70 million from Kaseya, the largest ransom yet, at least as of this writing.