Large-scale cyber attacks have debilitated energy markets, the meat industry, hospitals and even the global supply chain. Imagine how such a breach could wreak havoc on your business.
Seem far-fetched? It’s not. In fact, one study from IT security firm PurpleSec shows that ransomware, the most common weapon of attack that typically demands cryptocurrency in exchange for unlocking critical files, has jumped significantly in the last few years—41% in 2019 affecting 205,000 businesses. These attacks have cost businesses, nonprofits and government organizations around the globe more than $8,000 per incident and about $20 billion in total. The pandemic lockdown is one reason for the jump in cybercrime, as more people work from homes with less stringent protections for their computers.
“Threat actors take advantage of current events and changing circumstances to exploit those who are most susceptible,” the report explains. One way that’s done is via “phishing”—sending a seemingly legitimate email from a reputable organization (the World Health Organization became a popular front for this) to get sensitive information from a respondent. That information then ultimately compromises data and lets hackers manipulate and “kidnap” data or debilitate the system.
The first stop on your journey to a more secure system is more about people than machines: It’s training. This includes how to set passwords; secure browsing; avoid suspicious sites and emails; and report threats, breaches and internal security compromises. The National Initiative for Cybersecurity Education provides free and low-cost learning resources that business owners can implement for their employees. As cyber threats evolve, so should your training—an endeavor that will also have to be ongoing.
Avoiding and Responding to Cyber Attacks
The federal Cybersecurity & Infrastructure Security Agency, or CISA, outlines the four steps an organization can take to stay safe from cyber crimes.
- Audit your IT infrastructure: What critical processes and operations depend on your IT? What are the contingencies and inter-dependencies that would be compromised if part or all of your system were under attack?
- Make a plan in case you lose access: What will you do in the event your system malfunctions or is down altogether? Here’s where you’ll come up with some workarounds or manual options to isolate and protect networks.
- Run the plan: Test your controls and security measures regularly and continually tweak them. Consider any recent changes you’ve made in your network and any new forms of cyber threats that have come along and include those in your evolving plan.
- Regularly back up everything: Make sure you’re saving data. Ensure you isolate those backups from the rest of the system or network so it can’t also get “infected” with malware or ransomware.
In the unfortunate event your system does get hit with an attack, a swift response is critical. Once you determine exactly what’s been compromised, you’ll want to isolate those components. According to CISA, “if, and only if, you are unable to disconnect devices from the network, power them down to avoid further spread of the ransomware infection.” Next, you should do a triage. Which systems can be restored? What data is recoverable?
If your response needs extra muscle or feels beyond your capabilities, it’s time to call in a professional cyber security expert or even CISA. And the time to make those connections is well before you need them—you don’t want to be scrambling around for names and numbers when you’re in the thick of a cyber attack. You’ll also want to see what insurance covers—is cyber protection and recovery included in your plan? Connecting with federal agents should also be a part of your strategy, CISA advises: “Consult federal law enforcement regarding possible decryptors available,” the organization explains, “as security researchers have already broken the encryption algorithms for some ransomware variants.”
It’s scary, frustrating and disappointing to undergo a cyber attack. But hopefully, if it happens to you, you can use the experience as a learning opportunity. Ask your team to document what has occurred and analyze what went wrong and make the necessary adjustments accordingly to prevent a second occurrence.