If it seems like ransomware has been getting worse lately, it’s not your imagination. The two recent high-profile attacks on Colonial Pipeline and JBS (Pilgrim’s Pride, Swift, etc.) were stark reminders of just how devasting an attack can be.
In early May, Colonial Pipeline was hit with a ransomware attack and had to shut down its operations for six days. This caused a nationwide increase in the price of gas and wide-sweeping gas shortages due to panic buying across the East Coast.
At the end of May, the world’s largest supplier of beef and pork also suffered a ransomware attack. JBS had to shut down facilities in the U.S., Canada, and Australia for nearly a week. This caused fears about impacts on the food supply and meat prices.
Ransomware has grown to become one of the most devastating threats to business networks and operations. It scrambles data, making it unreadable, which has the impact of shutting down a business because it can’t access vital systems.
One twist that ransomware has that other types of malware don’t is that the attacker demands a ransom to be paid to return access to the user’s data. This ransom and the fact that so many companies pay it is one of the big reasons for the rapid rise of ransomware threats.
56% of ransomware victims pay the ransom to the attacker.
Why You Need to Put Together a Ransomware Response Plan
Ransomware Attacks Are Rising Rapidly
Ransomware attacks have been increasing annually, with a 485% increase in 2020 over the prior year. This means that your chances of becoming a victim increase each year.
No size business is safe from attackers. Because ransomware has become a popular money-making machine by small hackers and large criminal organizations alike, some will go after larger fish, while others focus on small businesses.
If you’ve been lucky so far with avoiding ransomware, the numbers tell us that your luck may run out soon if you’re not properly prepared with a ransomware protection plan.
Companies Tend to Be Overconfident About Their Defenses
Both Colonial Pipeline and JBS are large organizations that have the money to invest in cybersecurity resources. But even large companies can be overconfident about their cybersecurity defenses.
In the case of Colonial Pipeline, the hacker got in due to an unused VPN account that was never deactivated and wasn’t protected with multi-factor authentication.
If you think you have all your ducks in a row, you may have a weakness you aren’t aware of or a new vulnerability due to a software or OS update. That’s why it’s important to have regular IT security audits.
Ransomware Remediation Costs Have Skyrocketed
Think you can weather a ransomware attack without many losses? Smaller companies, especially, are the most devastated by these types of attacks and many never recover.
The cost of ransomware remediation has more than doubled over the last 12 months. It went from an average of $761,106 to $1.85 million. Those remediation costs include:
- Lost productivity
- Lost business
- Emergency IT costs
- And more
Ransomware as a Service (RaaS) Is a “Thing” Now
One of the drivers of ransomware attack volume is that criminal organizations are offering Ransomware as a Service (RaaS). They’re using the Software as a Service (SaaS) model and using it to enable novices to conduct ransomware attacks.
Developers will sell or lease the malware needed to conduct ransomware attacks to buyers on the Dark Web and even provide step-by-step instructions. This means more people trying to cash in on the ransomware boom.
Backup Recovery Isn’t Tested Enough
Hackers were 2 for 2 in the JBS and Colonial Pipeline attacks. Both companies paid the ransom, Colonial paying $4.4 million and JBS paying $11 million. This further emboldens the hackers.
Colonial mentioned that it had a backup, so why did it pay? Companies don’t test their recovery process enough, thus they can end up with lengthy recovery or are unsure how long their backup recovery will take. So, they opt for what they feel is the fastest way to get operations up and running, which is to pay the ransom and hope the attacker keeps up their end of the deal.
It’s vital to include attack response drills in your ransomware strategy and to regularly go through data restoration so everyone is familiar with the process and can execute it quickly.
Having an Incident Response Plan Reduces Downtime & Costs
According to IBM Security’s Cost of a Data Breach Report 2021, the cost of a ransomware attack can be cut in half if a company has a practiced incident response plan in place.
If you include a plan for ransomware response in your technology upgrade budget, you can end up saving yourself from a potentially business-ending cybersecurity breach.
Contact B-Comp Services to Put a Ransomware Strategy into Action
B-Comp Services can help your Denver area business put together a ransomware incident response strategy to mitigate risk and reduce potential attack costs and downtime.
Contact us today to discuss your cloud solutions. Call at 303-282-4934 or contact us online.