Ransomware attacks have thrived during the pandemic, the numbers rising 62% globally last year to 305 million attacks according to SonicWall. According to Cyber Security Ventures, the world-wide cost to business in 2020 was $20 billion, up from $11.5 billion a year earlier. In some instances, insurance can cover the cost of the ransom and getting the system up and running. However, insurance may not be a realistic option for most companies in the future. According to The Washington Post, between 2019 and 2020, cyber insurers charged more for premiums yet still lost a greater percentage of those payments in insurance claims.
A major reason ransomware became a weapon of choice for hackers is the COVID-19-induced digital landscape. The shift of so many companies to a mostly digital mode of operation has created more targets for extortion. The other problem, of course, is that hackers arrange for payment in bitcoin or some other cryptocurrency because it’s hard to trace. According to a research study by Deep Instinct, ransomware increased by 435% in 2020 as compared with 2019.
Preventing ransomware requires cybersecurity awareness and preparation based on anti-malware programs, secure passwords, updating patches and having secure routers, VPNs, and Wi-Fi. However, according to Kevin Cardwell, in a recent CYRIN live webinar, there are better ways than the traditional answer of throwing more products at the problem.
According to Cardwell, a recognized expert in this area, the key is to recognize that you are always in control of your network. In many cases it is better to let the hackers in. Once they are in, use decoys and the art of deception to deflect their ability to gain access to your network. Essentially, interrupt the access and change what the attacker can see – set up decoy ports and machines – so that an intruder who hits those decoys sets off red alerts. From there, isolate the attack and force the intruder to start over, frustrating the attacker. According to Cardwell, all you need is one packet, and a system of decoys is relatively inexpensive and easy to set up.
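The decoy idea above can be shown as detection logic. This is an added example, not material from the webinar or from CYRIN: because a decoy serves no real users, a single flow record to it is enough to alert on and to name the source to isolate. The decoy inventory, the key=value log format and every address are constructed assumptions.

```python
import re

# Assumed decoy inventory: address/port pairs that serve no real users,
# so any packet sent to them is suspicious by construction.
DECOYS = {("10.0.5.250", 445), ("10.0.5.250", 3389), ("10.0.5.251", 22)}

# Constructed sample log in a made-up key=value firewall format.
SAMPLE_LOG = """\
2021-09-01T10:00:01Z src=10.0.2.14 dst=10.0.1.10 dport=443 action=allow
2021-09-01T10:00:05Z src=10.0.2.77 dst=10.0.1.20 dport=445 action=allow
2021-09-01T10:00:09Z src=10.0.2.77 dst=10.0.5.250 dport=445 action=allow
2021-09-01T10:00:10Z src=10.0.2.77 dst=10.0.5.250 dport=3389 action=allow
2021-09-01T10:00:12Z src=10.0.2.14 dst=10.0.1.10 dport=443 action=allow
2021-09-01T10:00:30Z src=10.0.2.77 dst=10.0.1.30 dport=22 action=allow
malformed line without fields
"""

LINE = re.compile(r"^(\S+) src=(\S+) dst=(\S+) dport=(\d+)\b")

def parse(log):
    """Yield (timestamp, src, dst, dport) per well-formed line; skip the rest."""
    for raw in log.splitlines():
        m = LINE.match(raw)
        if m:
            ts, src, dst, dport = m.groups()
            yield ts, src, dst, int(dport)

def triage(log, decoys=DECOYS):
    """Return {src: report} for every source that touched a decoy."""
    flows = list(parse(log))
    reports = {}
    # First pass: one flow to a decoy is enough to flag the source.
    for ts, src, dst, dport in flows:
        if (dst, dport) in decoys:
            r = reports.setdefault(
                src, {"first_hit": ts, "decoy_hits": [], "real_hosts": set()})
            r["decoy_hits"].append((dst, dport))
    # Second pass: scope the incident by listing the non-decoy destinations
    # the flagged source contacted, before or after the decoy hit.
    for ts, src, dst, dport in flows:
        if src in reports and (dst, dport) not in decoys:
            reports[src]["real_hosts"].add(dst)
    return reports

if __name__ == "__main__":
    for src, r in triage(SAMPLE_LOG).items():
        print(f"ALERT isolate {src}: first decoy hit {r['first_hit']}, "
              f"decoys {r['decoy_hits']}, review {sorted(r['real_hosts'])}")
```

The `real_hosts` set is the review list for responders: production systems the flagged source reached that should be checked once the source is isolated.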
Ransomware attacks are on the rise. Attackers used to target small businesses, but now, they are going after the well-resourced technology firms that manage data and web traffic for the biggest companies. Ransomware operators are also hungry for publicity and are looking to extort companies by threatening to disseminate private company data. They are exerting a lot of power and hoping for big payouts. According to Nicole Perlroth in an aptly named article, “Don’t Ignore Ransomware, It’s Bad”, in The New York Times, “the United States is the most targeted country by cybercriminals and nation states, but we’re not acting like it.”
The likely impact for the near-term is that there will be more ransomware attacks against institutions and corporations that are less cyber secure and cannot afford to have operations impeded such as health care, state and local governments, and educational institutions. All the more reason for those firms to institute the different approach advocated by people like Kevin Cardwell.
On August 25, 2021, President Biden met with executives from gas, finance, tech, water, and insurance. The meeting signaled the President’s recognition of escalating cybersecurity threats – and the need to face these threats as a nation. The meeting’s key goals, according to The Washington Post, were:
CNN reports that during the meeting Biden described cybersecurity as a "core national security challenge" and cited recent high-profile attacks on US businesses that have disrupted life for everyday Americans. Following the meeting, “business leaders from key sectors of the economy pledged to help harden the country against cyberattacks.” This meeting followed the President’s issue of an executive order in May shoring up federal IT security. "We've seen time and again how the technologies we rely on, from our cell phones to pipelines, the electric grid, can become targets of hackers and criminals," Biden said in opening remarks. CNN reports that “a senior administration official described the week's meeting to reporters as a "call to action" for the private sector, which is composed of thousands of businesses that may lack the know-how or the resources to fend off hackers on their own.” The meeting also signals the understanding that the public and the private sectors must come together to meet this challenge. No one will be able to fend off these attacks on their own.
Pandemic + remote workforce + ransomware attacks = extreme danger! And that extreme danger is what’s in store for all of us, if businesses and governments don’t start taking cybersecurity and in particular ransomware threats seriously.
Yes, CYRIN has created some unique tools to help companies and organizations train and defend in realistic virtual environments. The idea is to train against these actual real-world attacks, such as ransomware, and create the internal knowledge and ability to defend against these attacks. Our courses and content include three courses by Kevin Cardwell on essential tactics and training with real tools and a playbook to thwart the attacker. These are all designed to allow you to flip the tables on the hackers. We encourage our subscribers to create the corporate knowledge and update the playbook by training on our realistic industrial or enterprise networks created on CYRIN. If you’re not prepared you cannot defend. It’s much less expensive to stop the attack than deal with the consequences of the economic and debilitating aftershocks to your systems, reputation and people.
Please take a look at our entire course catalog, or better yet, contact us for further information and your personalized demonstration of CYRIN. Take a test drive and see for yourself!