Experts predicted that a ransomware attack would take place every 11 seconds in 2021 - so far, that statistic is likely in line with reality. Two ransomware attacks have disrupted major services around the world in the last month alone: Colonial Pipeline, one of the Southeast's main sources of fuel, and JBS, one of the world's largest meat producers, were both targeted by individual attacks, costing the companies billions of dollars and disrupting national and global economies in the process.
In response to increased threats, the White House is urging businesses of all sizes to take immediate steps to prepare for a wave of ransomware attacks. In an interview with Fox Business, Mark Ostorowski, Head of Engineering at cybersecurity software company Check Point Software called the recent spike in attacks a "ransomware pandemic," citing the increased threat of triple extortion as one of the largest emerging threats.
"The private sector also has a critical responsibility to protect against these threats. All organizations must recognize that no company is safe from being targeted by ransomware, regarldess of size or location."
- Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology
White House Ransomware Guidelines
According to a White House memo obtained by CNBC, here are the five best practices for protecting your business against ransomware attacks throughout 2021.
1. Backup your data, system images, and configurations, regularly test them, and keep the backups offline.
Ensure that backups are regularly tested and that they are not connected to the business network, as many ransomware variants try to find and encrypt or delete accessible backups. Maintaining current backups offline is critical because if your network data is encrypted with ransomware, your organization can restore systems.
2. Update and patch systems promptly.
This includes maintaining the security of operating systems, applications, and firmware, in a timely manner. Consider using a centralized patch management system; use a risk-based assessment strategy to drive your patch management program.
3. Test your incident response plan.
There’s nothing that shows the gaps in plans more than testing them. Run through some core questions and use those to build an incident response plan: Are you able to sustain business operations without access to certain systems? For how long? Would you turn off your manufacturing operations if business systems such as billing were offline?
4. Check your security team’s work.
Use a 3rd party pen tester to test the security of your systems and your ability to defend against a sophisticated attack. Many ransomware criminals are aggressive and sophisticated and will find the equivalent of unlocked doors.
5. Segment your networks.
There’s been a recent shift in ransomware attacks – from stealing data to disrupting operations. It’s critically important that your corporate business functions and manufacturing/production operations are separated and that you carefully filter and limit internet access to operational networks, identify links between these networks and develop workarounds or manual controls to ensure ICS networks can be isolated and continue operating if your corporate network is compromised. Regularly test contingency plans such as manual controls so that safety-critical functions can be maintained during a cyber incident.
Ransomware attacks have been one of the defining threats so far in 2021. With many companies returning to the office as vaccinations increase and pandemic restrictions begin to lift, there is an increased threat of even the smallest vulnerability leaving your entire collection of internal data, customer data, and company secrets out in the open with minimal protection. Our team at SeedSpark is constantly researching the latest cybersecurity attacks of all types, learning the strategies, and adding additional countermeasures to keep our clients prepared.
With regular backups, security updates, email protection, and onsite training, we help ensure that our clients have every tool at their disposal to ensure that they aren't the next victim. Interested in staying up to date with the latest technology tips? SeedSpark’s 5-Second Tech Tips bring you the latest in cybersecurity tips, productivity tricks, and ways to optimize the way you work.