Use this analysis of the biggest ransomware attacks of 2020 (so far) to create a stronger cybersecurity plan.
Ransomware is everywhere – or at least that’s what it feels like, and it was just as popular in 2019. These lessons learned from the biggest ransomware attacks of 2020 give businesses essential insight into how to stop ransomware from putting the brakes on their recovery as they try to bounce back from a tumultuous year.
Protecting highly privileged credentials is vital.
The city of Florence, Alabama learned this lesson after paying more than $290K to a gang of cybercriminals who encrypted the city’s data and shut down their email system after the password of their Manager of Information Systems was compromised. The DoppelPaymer ransomware gang was also able to attack nearby cities in the incident.
Administrator passwords and other highly privileged credentials are the keys to the kingdom for cybercriminals. Use a secure identity and access management solution like Passly to protect them. Not only does multifactor authentication add an additional layer of security against bad actors attempting to penetrate your systems with a stolen password, but Secured Shared Password Vaults also allow important credentials like an administrator password to be stored under extra protection.
Even IT Pros can be duped by phishing.
You would think that an IT professional would be cognizant of a suspicious link, but defense contractor CPI learned that’s not necessarily the case the hard way after an administrator clicked on a malicious link, unleashing a vicious ransomware attack that quickly infected the company’s systems, including backups. The ransomware gang responsible walked away $500K richer, and the defense contractor spent months recovering from the incident.
Anyone can be hooked by a phishing attack, and phishing is the most common way that ransomware is delivered. From the interns to the C Suite, every user on a company’s network must be regularly trained and tested in phishing resistance. No one’s time is too valuable, and no one is “too knowledgeable” to be taken in by a phishing attack, especially a carefully crafted spear phishing attempt. By consistently and regularly refreshing user training with BullPhish ID, everyone becomes more cautious about potential phishing attempts, and staffers are more likely to report a suspicious message than interact with it.
Ransomware is devastatingly expensive any way you look at it.
Tillamook County, Oregon was successfully attacked by the REvil ransomware group in January, taking out its computer systems, website, email, and phone systems for more than two weeks. The county’s IT team was able to mitigate the spread and contain it to 17 of 55 servers and five of 280 county workstations, but the damage had already been done. The county paid 300K to the cybercriminal gang for the encryption key after determining that it could 12-24 months and cost more than$1 million to unlock the county’s computer system.
A new ransomware attack will be launched every 11 seconds by 2021. If an attack successfully lands, companies are faced with a difficult choice; pay the ransom or pay the recovery cost. And even after paying the ransom, victims can never be sure that their stored credentials or encrypted data weren’t copied and sold to other bad actors before it was unlocked. Dark Web monitoring with a solution like Dark Web ID alerts IT staff to potential credential compromise, preventing nasty surprises like intrusion caused by stolen passwords.
It pays to be proactive about preventing ransomware attacks.
Every business is looking for ways to trim the fat from the budget to save money in challenging times, and training looks like a luxury that can be gone without. But the truth is, a cybersecurity incident like ransomware can wreak havoc on any business. This look at the biggest ransomware attacks of 2020 should illustrate why it’s a smarter business decision to spend a little more on training upfront than to take a chance on joining the ranks of the more than 40% of businesses that are impacted by ransomware each year.