While businesses in Australia and worldwide were dealing with the challenges of a pandemic over the past year, many also faced another growing threat in the form of ransomware.
Malicious software attacks have long been a scourge of businesses of all sizes, but the rate and severity of attacks have exploded since March 2020. According to the Beazley Group, ransomware increased by 130% year on year, with ransom demands regularly hitting seven or eight-figure sums.
To obtain the sensitive information they're looking for, cybercriminals are increasingly prioritising access to the emails of senior staff that are more likely to contain this valuable data, so companies need to prioritise defence in these areas too.
2021 ransomware trends
The recent ransomware attacks on Colonial Pipeline and JBS prove that ransomware is highly profitable for criminals, as even if a ransom isn't paid, they can profit from selling your stolen data to other parties. No matter how many thousands of breach attempts fail, they only need to get lucky once to earn a substantial payday. The strength of cryptocurrency, Bitcoin, in particular, is another factor fueling the profitability of ransomware. Cryptocurrency allows criminals to operate and receive payment anonymously. Finally, many criminal groups operate in Eastern European countries where they face little threat from law enforcement.
Criminals are constantly learning and adapting their methods to make even more out of their victims. By threatening to release data slowly until a ransom is paid, they can put more pressure on companies to settle faster and avoid having to deal with trained ransomware negotiators. Of course, there's never a guarantee that criminals will return control of your systems and your proprietary data even if you do settle.
Criminals also benefit from high-profile attacks by foreign governments that do the hard work of
exposing vulnerabilities that they can then take advantage of for their own ends. This was seen recently in the Microsoft Exchange attack, where hackers took advantage of the same bugs identified in systems before they could be updated.
Rethinking executive access
Criminals exploit any vulnerabilities they can find in organisations, but their focus is increasingly on
going straight to the top. Executive emails can be a one-stop-shop offering privileged access to valuable corporate and personal information through actions as simple as clicking a link in a spear-phishing email (an email targeted at a specific individual or department within an organization that appears to be from a trusted source).
To plug this security gap, organisations should reconsider how access is assigned to individuals who may not necessarily need it. Giving all users the minimum level of access they need to perform their job will strengthen security by reducing the surface area of your business that's exposed in any single breach.
Best practices to protect your business
As well as limiting access, executives and all members of your business should be trained in good cyber hygiene to avoid making costly mistakes and protect against ransomware. This includes:
- Not clicking links in emails from addresses you don't recognise.
- Never give out your login details.
- Using a safe email browser that flags suspicious emails.
- Manually verifying email addresses before replying.
- Backing up important data in a separate network or server.
- Creating and practising an incident response plan.
It's also essential that your security solutions provide comprehensive protection against attacks. This should include:
- Malicious network traffic security
- Phishing protection and training
- Malware protection
- Continuous security monitoring
- Attribute-based access control
Comprehensive security solutions for SMB and Enterprise
Barclay Pearce Capital's client WhiteHawk Inc (ASX: WHK) is focused on next-generation approaches that leverage publicly available data sets, Artificial Intelligence (AI) based analytics, and online risk platforms that scale to identify, prioritise and mitigate a breadth of digital age risks in the near real-time. Their methods have been tested and evolved with government departments and Fortune 500 companies.
Using machine learning, any business can access their online and virtual service to help you discover, learn, receive immediate online matches to top solutions, find insights, affordable vendor products and services, or chat with smart cyber advisors in real-time, so you can own your cyber risk and success story.
To keep up to date with what's happening with WhiteHawk and the cybersecurity industry as a whole, subscribe to the Whitehawk Chairman’s List.