First, it was the Colonial Pipeline in May causing major gas disruptions for millions of Americans. Yesterday, JBS Foods, one of the country's largest meat producers, became the latest victim of a cyberattack. Last weekend the company was hit by ransomware that affected all of JBS's U.S. meatpacking plants. This resulted in the closure of all nine of the company's beef plants in the United States. As of the publication of this blog, JBS is beginning to bring operations back online, and they are hopeful this short outage won't have a major impact on the supply of meats in the U.S. To be safe, the U.S. Department of Agriculture has reached out to meat processors around the country and encouraged them to accommodate additional capacity to help keep the supply chain moving.
So what do both of these major ransomware attacks have to do with you and your business? First and foremost, it is an education in what ransomware is and how it can affect your business. Ransomware attacks happen when cybercriminals steal an organization's data and lock down its computers and systems. Most companies have to shut down all operations to disconnect from the systems that were breached. The hackers then demand a ransom in exchange for restoring access to the network and not releasing sensitive information. Most law enforcement experts agree that paying the ransom to these criminals is not the way to go, but many times, companies don't have the ability or resources in place to get back up and running without business interruption. Also, paying the ransom doesn't guarantee you are going to get your data back or that the criminals won't release it on the dark web.
Colonial Pipeline initially came out and said they were not going to be paying any ransom in the attack. Just days later it was reported that they paid $4.4 MILLION to hackers to get their operations and data back online. The CEO of Colonial Pipeline said that given the high stakes involved in the shutdown of the critical energy infrastructure and being unsure of how bad the breach really was, they chose to pay the ransom to get operations back online. Colonial received a decryption tool, according to the Wall Street Journal, and while it proved to be of some use, it ultimately wasn't enough to immediately restore pipeline systems.
So what does all of this have to do with your business or your company's business? If you own or work for a small to mid-size business, these two examples are MAJOR red flags for you. These huge enterprises have a slew of resources available for cybersecurity, and both became victims of ransomware. Think about what your business has in terms of cybersecurity. IT assets at small and mid-size businesses are far fewer than those of multibillion-dollar corporations. The chances of a small or mid-size business falling victim to a ransomware attack are so much higher than for a large enterprise.
ID Agent recently released their annual report entitled The Global Year in Breach, and some of the statistics about phishing and ransomware are astounding. For instance:
- Phishing attacks increased more than 660% in 2020 and became Google's biggest phishing topic in HISTORY!
- The shift to remote work due to COVID-19 exposed insecure systems and unprepared workers with disastrous outcomes. One study showed that remote workers caused half of all data breaches and exposed businesses to 78% more insider threats, while over 60% of remote workers interacted with phishing emails.
- The primary delivery system for ransomware is phishing, and with the skyrocketing stats on phishing, it is no wonder that there was a 715% increase in ransomware attacks in 2020!
- It is estimated that a ransomware attack is launched every 11 seconds!
With the explosion of phishing and ransomware, along with the restricted budgets of small and mid-size businesses for IT resources, the chances of a cyberattack on those companies are through the roof. What are these businesses to do to protect themselves? Because let's face it, it's no longer a matter of IF an attack occurs but WHEN.
Here are five ways your business can protect itself from ransomware, as recommended by the Federal Trade Commission:
- Update software often, and make sure all networks are patched in a timely manner.
- Back up your data on a consistent basis and keep your backups separate from your network. This ensures that if your network is attacked, your backup data remains secure.
- Know what devices are attached to your network so you can identify your exposure to threats. Implement programs like endpoint security, email authentication and intrusion prevention software to mitigate your risk.
- Have an incident response plan in place and test it! Being prepared means being able to handle a crisis more effectively.
- Educate your employees on how to recognize phishing attacks and other forms of social engineering. Trained employees are one of the best defenses against cyberattacks.
If your company does not have an internal IT department to handle these types of tasks, a Managed IT Services Provider is a great way to get your business protected from cyberattacks. A reputable Managed IT Services Provider can offer you a program to handle these items for one monthly fee. From network patching, endpoint security and data backup to employee education programs on phishing, Fraser's Managed IT Services group can work with you and your budget to put together a plan that addresses ransomware protection and keeps your business as safe as possible.
To learn more about the year in breach from our partners at ID Agent, download the full Global Year in Breach report.