Ransomware attacks have been on the rise for years around the world, including in our own backyard. Mecklenburg County, the home of one of the nation's fastest-growing fintech hubs, was targeted by a ransomware attack in 2017 that brought its operations to a screeching halt after an employee fell victim to a phishing email containing malware. Cognizant, Michigan State University, Honda, and more have all fallen victim to ransomware in the last 5 years.
The attack on Colonial Pipeline is one of many ransomware attacks, but it has catapulted the issue back into the limelight to show the devastating impact that a ransomware attack can have. Nick Merrill, a researcher with the Center for Long-Term Cybersecurity at UC Berkeley School of Information, shared his thoughts in an interview with CNN, saying "The first thing that comes to my mind is: Thank God this wasn't water."
When it comes to ransomware, people often assume that small businesses are the companies that are most vulnerable to attacks. While it's true that small businesses often have fewer cybersecurity measures in place, the reality is that businesses of any size are at risk. Even the smallest security slip can give attackers access to your network and its data. While the source of the attack on Colonial Pipeline's network hasn't been disclosed, hackers are more cunning than ever in crafting their attack strategies.
In late 2020, phishing emails regained their position as the top source of ransomware attacks, overtaking remote desktop protocol to become the leading threat targeting companies of all sizes. Datto reports that 1 in 5 SMBs report they've fallen victim to a ransomware attack, while 85 percent of MSPs report that ransomware is the most common malware threat to SMBs - 15 percent report multiple ransomware attacks in a single day.
Every company, regardless of its size, should have a business continuity and disaster recovery (BCDR) plan in place for when a disaster does strike. The business continuity strategy keeps operations running throughout a disaster while a disaster recovery strategy helps plan a path forward. Colonial Pipeline's response to their cybersecurity breach was reactive, with the company hiring a third-party cybersecurity company to assess the damage that had been done and then develop a recovery strategy. The company was also hiring for multiple cybersecurity positions at the time of the attack, including one listing for a Cyber Security Manager that remains open - any takers?
While the company had basic cybersecurity measures in place, failing to take a proactive approach to their cybersecurity strategy not only stunted their operations for an entire week but also launched the Southeast into the largest gas shortage in recent memory. With a proper BCDR plan in place, Colonial Pipeline could have had processes in place to launch a recovery from the moment a breach was detected.
While Colonial Pipeline's operations have now recovered and services have resumed, the cost of their cybersecurity breach goes well beyond the $5M in cryptocurrency paid to the attackers. Third-party assistance, company downtime, and lost revenue give just a small glimpse at the full financial impact that this attack has had on the company - not to mention the impact on its reputation and on the customers they serve. From small businesses to large corporations, this month's attack is a wake-up call for business owners who may not have a true cybersecurity plan in place.
With attacks coming from every angle, ensuring that your network is completely covered protects your business, your team, and your customers when disaster strikes. SeedSpark's Managed IT team provides reliable and secure technology solutions for small- to medium-sized businesses, proactively installing the latest updates, performing network penetration testing, and maintaining cloud storage solutions for your organization. Are you ready to take your team's cybersecurity to the next level?