Why You Need to Pay Attention to the Colonial Pipeline Ransomware Attack
Ransomware has continued to get more sophisticated and more costly; and
Even large companies aren’t properly prepared with the basics of good cybersecurity practices.In the case of both attacks, the companies paid the ransom to attackers to get operations back up and running. Colonial Pipeline paid $4.4 million and JBS paid $11 million. When victims pay the ransom, it just lets the hackers know they have a good business model, and they continue to optimize their attacks to increase profits. 56% of ransomware victims pay the ransom to the attacker. Small and mid-sized companies need to take notice of the dangers of ransomware and properly prepare their network and devices to avoid a devastating attack.
Ransomware Lessons to Use for Strengthening Your IT Security Posture
Ransomware Continues to Get WorseRansomware is eclipsing other forms of malware because it’s so lucrative for criminals. It’s been adopted by large state-sponsored hacking groups like REvil as a way to generate large sums of money. Groups like this have also begun selling Ransomware as a Service (RaaS), a model copied from cloud SaaS tools. This means that even smaller, less experienced hackers can purchase a ransomware attack kit or service. The monetization of this type of malware has been one of the reasons that ransomware attacks grew 485% in 2020.
Ransomware is Particularly DevastatingSome forms of malware, like adware, can be annoying and hurt productivity, but they don’t bring your operations to a standstill. Ransomware is particularly devastating because in most cases it causes operations of a business to shut down completely. In the case of JBS, nine meat-producing factories had to be shut down for nearly a week. Colonial Pipeline had to shut down its pipeline that supplies 45% of the fuel used by the U.S. East Coast for six days. Ransomware attacks files and spreads rapidly throughout a network. It uses an encryption key to scramble files so users can’t access them. This impacts all digital areas of a company that rely on data to operate. Because of the cost of downtime, companies will end up caving and paying the ransom to get operations running again. In both of these high-profile attacks, the companies defended their decision to pay the ransom saying they had a responsibility to customers to get operations up as soon as possible.
Ransomware Costs Keep Going UpBoth the cost of the ransom demands and the cost to a company to remediate a ransomware attack has been rising rapidly. This is another indicator that this type of attack has been a particularly successful money-maker for the attackers, thus they push the envelope, asking for even higher ransom amounts. Ransomware remediation costs include things like:
Emergency costs to remove the ransomware
Backup restoration costs
Ongoing rebuilding of reputationOver the last 12 months, the remediation costs for ransomware have more than doubled from $761,106 in 2020 to $1.85 million in 2021. Small businesses that don’t take ransomware seriously or think they’re “too small” to be attacked, can end up with an attack that costs more than they can recover from. 60% of small businesses have to close their doors for good within 6 months of a cyberattack because they’re unprepared.