In 2021, it was JBS Foods, the world’s biggest meat producer, and in July month, it was Swedish retailer Coop — both victims of ransomware attacks led to the formation of REvil enterprise.
Albeit the attacks’ nature was different, the result — loss of access to data, downtime, and supply chain disruption — was equally destructive.
In the time of JBS, it was a straight hit on systems, causing facilities in the US, Canada, and Australia to terminate operating. For Coop, it was the penetration of one of their reliance. IT managed service offerers, Kaseya, that closed the tills in over 800 supermarkets.
The urgent question for businesses such as JBS Foods and Coop was whether company continuity plans could be trusted, or was the ransom a price worth paying to recover data and systems hastily? The case for paying can feel attractive, especially if prophesied losses are more than the attacker needs, but this is problematic commercially and ethically. Because of this, cyber-criminals will continue to launch these attacks for as long as they are advantageous.
As explained by the attack on Coop, being flamboyant in your security protocols is not enough as ransomware attacks can come via supply chains and other companies you work with, are connected to, or trust on. Therefore, both downstream and upstream in the supply chain, ponder whom you share data with, where materials are sourced and who has admittance to processing control systems, product formulations, packaging, and brand assets.
Not Accurately doing the Basics Will Boosts the Risk of a Ransomware Infection
There are three primary questions to ask to know how prepared you are for a ransomware attack regarding cybersecurity threats.
-
Are we determined to protect from basic attacks?
Not accurately doing the basics boosts the risk of a ransomware infection, but this does not infer adopting every cutting-edge solution available. Even basic controls can be challenging to implement, and many companies believe they are getting them right. But sans independent assurance, it’s criminals who will recognize weaknesses rather than cybersecurity professionals.
-
If ransomware attacks us tomorrow, will there be any chance of recovery?
A ransomware attack is not unavoidable but plans as if it were. Can data be recovered fast when needed, and has this capability been examined? Backup data often becomes a target, so there is a substantial risk of irreversible loss unless it’s secluded from live systems. Analyze continuity alongside recovery — how will the enterprise function if systems are not available for a brief period? Having plans is mandatory, but so too is testing that they work. Fire drills happen for a purpose: test plans frequently and guarantees teams are well-reasoned in fixing them. If you are unaware of when plans were last tested, be aware of it.
-
Do you comprehend your third-party vendors and suppliers?
Every company will trust on third parties to some degree. But, are they documented, and have the risks they pose been correctly assessed? In most companies, the answer is no — at least not understandingly. Consider suppliers who render:
- Physical goods
- Cloud providers
- Developers who offer core software
- Any company you share data with
If a supplier has any level of access to your environment, they are a potential attack vector. Positively try to shadow IT, those crucial but undocumented and uncontrolled solutions that unavoidably exist somewhere. Comprehend the risks associated with third parties and look for assurance that they too are adequately protected.
As our global supply networks become ever more intricate, vulnerability to cyber threats can only develop. So, at the moment, more than ever, we need to ask who will be the next target across all enterprises? And if it is our company, are we protected?
