Does your company have $50 million to spare? That is how much a ransomware attack cost Norsk Hydro in the first quarter of 2019. A total of 22,000 computers had their files forcibly encrypted across 40 countries in which the aluminum producer operates. Employees were using typewriters and manual production lines where possible to operate the business. Norsk Hydro did not pay the hackers’ ransom and was completely honest about what happened. Its approach was praised by both law enforcement and IT security experts since it did not end up funding future hacking attempts.
Unfortunately, companies are more likely to go pay the ransom anyway and hope that the payment will in fact unlock their files. The reasons are various, ranging from improper (or no) backup infrastructure to needing to keep business afloat in more sensitive sectors, such as healthcare and government operations.
There are some cases where paying the ransom would minimize damages and allow the company to continue operations. In those cases, the decision to pay the ransom should come after all other options are exhausted. But why end up in those situations in the first place? An effective cybersecurity plan that informs you of the cyber risks facing your organization is required for 2020. Why depend on Open Source Intelligence that may not even apply to your firm, industry segment or even country? Ransomware attacks on such a massive scale seem to happen at least once a month and are reported in the national media. The City of Baltimore was attacked in May 2019 and a similar incident was reported in Greenville, North Carolina the previous month. Why were these cities not investigating the cyber threats that were facing them every day, not every other city in the USA?
Massive attacks aside, cybercriminals tend to target small businesses due to less investment in their cybersecurity infrastructure. It is predicted that a new organization will be affected by such an attack every 11 seconds as soon as 2021.
This still does not compare to the constant threat of phishing attacks. Phishing is a form of social engineering where attackers use of fake emails and/ or websites to gain valuable data from their target and cause serious damage. According to a recent survey, phishing is the number one cyber threat affecting businesses and all other organizations across the country.
Phishing is simple to perform, inexpensive, monstrously efficient and attackers see no reason to stop. Organizations need to train all staff members to recognize and avoid malicious emails and doubt every website that asks for sensitive data. It might be a costly and time consuming investment, but less than the potential expenses of recovery and loss of business.
Public Wi-Fi has become an entry point for hacking and other illegal activity. Allowing staff to work remotely has some advantages and new risks. What better time to squeeze out that late report than waiting at the airport or a restaurant?
Small and medium-sized businesses (SMBs) have a distinct advantage against corporations that span entire continents. It is much easier to implement cybersecurity measures on a smaller scale. The days when hackers were isolated cases from the US or abroad doing it for fame and money are over. It is very easy to find hacking tools and tutorials online. And how to extort money.
What can SMB’s do about this growing problem? Inexpensive measures, such as using Red Sky Alliance’s RedXray service can provide the business owner with a daily cyber threat notification report covering nine (9) cyber threat categories, so threats can be investigated before they become expensive problems. What RedXray offers is another layer of protection for businesses without having to connect to their networks. How easy is it to order? It can be ordered on line in less than 3 minutes and all billing is made monthly by credit card by visiting https://wapacklabs.com/redxray.
Red Sky Alliance/Wapack Labs Corporation can help your firm protect against these threats and is now offering Cyber Insurance coverage through Chubb to help protect your organization, if the worse happens.
Please feel free to contact us at firstname.lastname@example.org or one of our authorized RedXray sales distributors. Photo: 123rt.com
Red Sky Alliance is located in New Boston, NH USA and is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 888-RED-XRAY or (888)-733-9729, or email email@example.com