recovered the bulk of the money extorted from Colonial Pipeline appears to have had more to do with the criminals' lack of sophistication in Bitcoin laundering than with the ability of law enforcement to block cryptocurrency as a payment system for extortion. And the money to be made for such low-risk crimes is substantial.
Meatpacker JBS paid a ransom in Bitcoin equivalent to $US11 million to end the attack that disrupted both its North American and Australian operations, with its CEO Andre Nogueira saying that “we felt this decision had to be made to prevent any potential risk for our customers”. Despite both governments and security companies worldwide, including ESET, recommending victims not pay ransoms to attackers, JBS clearly felt that the ultimate cost of its operations being shut down for an extended period was worse than paying off the attackers. As long as victims feel they have no choice but to make this decision, ransomware will continue to escalate.
Nor should the increase in such high-profile attacks against major enterprises make smaller businesses think they are safe from attack. A ransomware attacker is first and foremost attacking your reputation. Whether they are encrypting your systems or holding your data to ransom, the pressure they are bringing to bear is based on how much reputational damage they think you are willing to sustain.
Smaller companies are just as susceptible to this as large enterprises, and it is likely that the scale of attacks on SMBs is largely under-reported, since no one wants to disclose they’ve been a victim of an attack unless they have to.
All of this points to ransomware continuing to be a major threat for the foreseeable future, which means you need to plan to protect yourself from a successful attack as well as to mitigate any damage and provide for a quick recovery if the worst happens. Most of the measures businesses should take to strengthen their defence against ransomware are not new. But it’s never a bad time to revisit and audit your defences:
Cybersecurity training for staff
The process of compromising your network’s security can start at multiple places, and the most obvious remains human error by your staff. Exploiting poor cybersecurity awareness is one of the most popular methods for attackers attempting to breach your security, and ensuring that all staff are properly trained on cybersecurity best practice goes a long way to mitigating this risk.
Use a multi-layered security solution
Cyber Risk Leaders Magazine | 15