Protection file

Double protection against ransomware

Joe Dysart

As the threat of ransomware reaches new heights in 2021, many lumber and building materials companies are stepping up their defense against the scourge by ensuring they have done everything possible to avoid being a victim.

“This year we have already received 13 cyber claims, all resulting from either ransomware or fraudulent mail,” said John Smith, President and CEO of Pennsylvania Lumbermens Mutual Insurance Company.

Many owners of smaller lumber and building materials businesses are realizing that they are prime targets for these hackers, who see small businesses as generally easy to break into, loot, and deceive.

“Ransomware is most commonly known to spread via a malicious link via a phishing email. And that’s probably where most perceive the risk,” says Smith. “But the web is the second most common way to distribute ransomware. We google everything and point and click, not thinking much about the validity of the content until we have already clicked.”

Indeed, the successful ransomware attacks across the United States have proven so visceral this year that they have triggered an executive order from President Joe Biden, urging all American companies to take ransomware protection seriously. Biden’s order “calls on federal agencies to work more closely with the private sector to share information, strengthen cybersecurity practices, and deploy technologies that increase reliance on cyber attacks.” It describes the innovative approaches the government will take to ensure security and software, using federal purchasing power to revive the market and improve the products that all Americans use.

In 2021 alone, businesses in the United States were reeling from successful ransomware attacks, including attacks on SolarWinds, a commonly used IT management software; the ransomware disruption of service on the Colonial Pipeline, the largest refined petroleum product conduit in the United States; and the ransomware seizure of computer files from the Washington DC Metropolitan Police Department.

Other ransomware incidents include a takeover of computer files at JBS Foods, a goliath meat packer, as well as at the National Basketball Association.

Granted, authorities have sometimes been lucky against ransomware hackers in 2021. The excellent cybercrime work of the US Department of Justice, for example, recovered $2.3 in Bitcoin that the Colonial Pipeline paid to the ransomware hackers to help get its computer network running again.

“Tracking money remains one of the most basic but powerful tools we have. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement. We thank Colonial Pipeline for promptly informing the FBI when they learned they were being targeted by the Dark Side,” said Lisa O. Monaco, Deputy Attorney General of the United States.

Even so, hackers more often than not get away with their exploits, extorting hundreds of thousands of businesses around the world each year and disrupting the daily operations of each. Overall, 37% of organizations across the world experienced some sort of ransomware attack between May 2020 and April 2021, according to research from cybersecurity firm Sophos.

Based on this survey of 5,400 IT managers from mid-sized organizations in 30 countries, the study also found that the average ransom paid to recover data from a ransomware attack was $170,404.00. Unsurprisingly, many of the criminals behind these successful ransomware attacks ignored promises to restore computer files after the ransoms were paid, according to the study.

Specifically, on average, the victimized organizations in the study that paid ransoms got back only 65% of their data. And only 8% of companies that paid hackers were able to recover all of their files, according to the Sophos study. Equally frustrating for victim organizations was the cost to day-to-day operations. On average, the cost to recover from a successful ransomware attack on a mid-sized business, taking into account downtime, lost wages, device cost, network cost, lost sales and ransom paid, was $185 million.

Additionally, hackers have increasingly added a new twist to their ransomware schemes over the past year: threatening, and often carrying out the threat, to post sensitive data found in business files on the Dark Web if a victimized business refuses to pay a ransom.

While news stories tend to focus on ransomware attacks against large companies, LBM companies are just as likely to be the target of hackers. What’s more, even in the smallest lumber and building materials company, a ransomware shutdown hurts, disrupting earnings and running the owner ragged trying to find a way to get the computers working again.

That’s why it’s imperative to start developing a plan to manage and mitigate ransomware and similar cybersecurity threats, which many believe should include comprehensive cybersecurity insurance.

Without such a plan, you’ll likely be caught off guard, struggling to deal with a whirlwind of chaos that may force you to make quick decisions that you’ll later regret.

“For example, our cybersecurity incident response plan allows the IT manager and our cyber partner to immediately shut down systems if it is deemed necessary to contain or search for a serious event such as a ransomware attack,” Smith said. “You often can’t think of this stuff right now.”

But perhaps the most important thing in protecting your lumber and building materials business from a hacker breach is making sure your employees are aware of all the ways that hackers try to trick them into clicking links, revealing usernames and/or passwords, or providing access to the corporate network, which can and often does lead to devastation.

“The human factor is the most worrying factor for us when it comes to ransomware. Make sure you involve your entire business and create a cyber-aware culture. Have a plan in place to educate your staff on what to look for and how to report suspicious emails or links,” Smith said.

Ultimately, it looks like the scourge of ransomware and similar cybersecurity threats is bound to unfold relentlessly like an endless cat-and-mouse game. The idea is to be the cat, not the mouse.

Joe Dysart is an Internet speaker and business consultant based in Manhattan.