In 2021, one of the world’s biggest meat producers and a Swedish retailer were victims of ransomware attacks which led to the formation of REvil enterprise.
While the attacks were different in nature, the results of the loss of access to data, downtime, and supply chain disruption, were equally destructive.
One was a straight hit on their systems, causing facilities in the US, Canada, and Australia to terminate operations and one was the penetration of one of their systems.
Another attack against an IT managed service provider closed over 800 supermarkets.
So now, the pressing and urgent question for businesses is whether their continuity plans can be trusted, and/or whether the ransom was a price worth paying to recover data and systems quickly. The case can be made that paying the ransom seems to be the right answer, especially if potential losses are more than the price. However, this is problematic both ethically and commercially as it encourages cyber-criminals to continue to launch these attacks as their behavior is rewarded by those companies paying the ransom.
Being elaborate in your security protocols is no longer enough as ransomware attacks can also come via supply chains and from other companies you work with, are connected to, or rely on. Thus, both upstream and downstream in the supply chain, take a look at who you share data with, where materials are sourced, and who has entry to processing control systems, product formulas, packaging, as well as your assets.
There are three main questions to ask your cybersecurity team to know how prepared you are for a ransomware attack.
1. Are you protected from basic attacks?
Let’s start with the basics first, before considering the adoption of every cutting-edge solution that is currently available. Keep in mind that even basic controls can be challenging to implement. You may unknowingly believe that you are protected, but without outside assurance from a cybersecurity professional, it may be the criminals who recognize weaknesses and act upon your assumption that you are protected.
2. If ransomware attacks you tomorrow, can you recover?
Can data be recovered fast if needed, and have you examined this by way of a Business Continuity or Disaster Recovery Plan? Since backup data is often a target, there is a substantial risk of irreversible loss unless it is cordoned off from live systems. It is important to analyze continuity alongside recovery to see how your company will function if systems were not available for a brief period. Having these plans is necessary, but there also has to be a test to make sure they work. Similar to a fire drill, test plans on a schedule to understand the results.
3. Do you understand your third-party vendors and suppliers’ risk?
Don’t have blind trust. Consider doing an external audit to ask important questions about their Disaster Recovery and Business Continuity plans to ensure that you are protected should they be hit with ransomware. If a supplier or vendor has any access to your environment, you are vulnerable. Consider these vendors/suppliers:
- Physical goods
- Cloud providers
- Developers who offer core software
- Any company you share data with
As our supply networks become even more intwined, vulnerability to cyber threats will also develop. Now, more than ever, you need to determine whether you will be the next target and whether you are protected.
For a free cybersecurity assessment, contact us using this form or call CMIT Solutions of Cincinnati & NKY at 513-594-9169 today. CMIT Solutions of Cincinnati & NKY has a variety of basic and high-level security services and cybersecurity solutions for your business.
Don’t wait to be a victim. Be proactive. Protect your data and have peace of mind.