It’s barely been a month since a ransomware attack disrupted one of the most crucial gas pipelines in the United States. And yet the cyberattacks keep coming, most recently against an international food corporation responsible for major meatpacking operations in North America and Australia.
Initial intelligence reports indicate that this most recent hack originated from a Russia-linked group of cyberthieves. Government officials in the U.S. say that a response is coming as they strengthen cyber resilience. But in the meantime, Anne Neuberger, cybersecurity adviser at the National Security Council, has urged the business community to “take critical steps to protect your organizations and the American public.”
As tactics used by ransomware groups continue to evolve, businesses must take steps to prepare. According to a recent article in Wired, many security experts have identified a “more-is-more approach” among hackers. Say a business that’s had its data stolen decides to pay up to retrieve it. Some savvy groups then attack them again. Or, in industries where public reputation is paramount, hackers will threaten to leak stolen information to the public to force a ransom payment.
In the latest fresh twist, many hackers are layering two different types of ransomware on top of a company’s compromised data—often under the guise of two competing cyber gangs trying to one-up each other. Sometimes, affected businesses will receive two ransom notes at the same time; other times, victims only find out about the second ransom after they’ve paid the first and discover their data still isn’t decrypted. The safest method remains the same: regular, remote, and redundant data backups that render moot the question of whether to pay a ransom in the first place. Even if two layers of ransomware are unleashed against your company, restoring from a recent backup can help your business bounce back from even the most devastating attack. This advanced cybersecurity tool allows IT experts to have full visibility into a company’s network, giving them the ability to analyze traffic, spot malicious movements, automate responses, and enable real-time threat identification. The strongest EDR solutions run on specific devices and machines, reducing the lag time required to transmit information to and from the cloud while empowering trained IT staff to mitigate problems like ransomware before they take root.
Just a few years ago, multi-factor authentication (MFA) and single sign-on (SSO) were relatively rare, considered by many companies and employees to be an annoying or even unnecessary extra layer of cyber defense. Today, however, these login protocols—which require a user to enter his or her password followed by a unique code or push notification typically delivered by text or email to confirm their identity—are becoming more and more common. MFA and SSO can reduce the negative impacts of a stolen password, which is often reused to surreptitiously access networks, databases, and individual laptops or computers.
Many people assume that out-of-date operating systems and legacy software applications aren’t that big of a threat. But the infamous WannaCry attack in 2017 exploited the outdated operating system Windows 7, while Apple recently announced that its Big Sur operating system for Mac computers was exploited and needed to be actively patched. Hackers were able to surreptitiously move sensitive data like cryptocurrency addresses, credentials, and payment card information from the Apple Store to the attackers’ server, bypassing standard privacy permissions and gaining unfiltered access to user machines.
Instead of waiting for a ransomware attack to occur, the strongest managed IT services take a proactive instead of reactive approach. That means 24/7 monitoring that maintains a constant watch on every component of your company’s technology ecosystem; advanced anti-malware, traffic analysis, and multi-layered network security solutions; nationwide support that can protect your physical and remote offices; real-world cybersecurity training for your employees; industry-specific compliance; and the human intelligence that forms a rock-solid foundation for information technology. Your business deserves advanced cybersecurity protection that evolves and responds to today’s—and tomorrow’s—issues. At CMIT Solutions, we see ransomware as an existential threat to core business functions, not just another form of data theft. We earn the trust of our clients by working diligently to resolve every issue, big and small. We place the utmost importance on day-to-day operations—because, as fellow small-business owners, we know how harmful even an hour of downtime can be.
If you’re ready to address the ever-changing ransomware threat and secure your business’s most critical IT assets, contact CMIT Solutions today. We defend your data, protect your systems, and empower your employees to do their best work.