23 November 2021

Cyber-Attacks: Are You Taking Them Seriously?

By Louise Smith

Gone should be the days when companies adopt a “that wouldn’t happen to us” approach. Cyber-attacks, specifically ransomware attacks, occur every 11 seconds in 2021, according to Cybercrime Magazine. Smart company leaders are not wondering when an attack will occur; they are proactively preparing for these attacks, and you should too.

What really is ransomware? The Cybersecurity and Infrastructure Security Agency (CISA) defines ransomware as:

“A form of malware designed to encrypt files on your device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.”

Ransoms demanded in 2021 reached as high as US $50 million (Acer), and because the use of this malware is so lucrative for these malicious actors, they are constantly coming up with more ways to prey on the vulnerabilities of your IT set-up and even your staff.

If you are wondering who these malicious actors are, I am talking about highly skilled hacker groups (some refer to themselves as gangs). The intent of these groups can sometimes be identified by their monikers, for example, Darkside, Evil Corp and REvil. Some hacker groups may have less ominous names like HelloKitty, Conti or Avaddon, but all these groups have successfully collected ransoms worth millions in 2021, often in Bitcoin, from very well-established companies.

Be Prepared

To reduce the risk of an attack crippling your business, here are a few suggestions:

  1. Put policies and procedures in place to prevent attacks from happening.
  2. Train all staff, including consultants who use your network, to identify phishing emails. If your staff have any doubts, they should avoid clicking any links until their IT Support team has had a look at the suspicious email.
  3. Work with your Managed Service Provider or CIO and outline an Incident Response Plan for your company.
  4. Test your back-up systems frequently.
  5. Store backed-up data offline, as this makes it easier to wipe encrypted files and load back-up data quickly.
  6. Speak to your insurance provider about cybersecurity insurance coverage. This will help you be prepared in case paying the ransom is unavoidable.

For a more comprehensive list of preventative measures against ransomware, you can review CISA’s Ransomware Guide.

Be smart. Be Prepared.