fbpx
Mytek Logo
MyTek Logo

Ransomware is Now Aligned with Terrorism

by | Jun 14, 2021 | MyTek Blog, Security

Q

Subscribe To The Blog

By subscribing to the blog, you will be notified when a new blog post is created on the site.

Ransomware has changed from being an annoyance to being aligned with real global threats. The U.S. Justice Department officially has gone on record and has established that new ransomware investigations will be handled the same way that terrorism is handled. Let’s look into the reasons behind this new strategy and how your own business should be responding. Then, we’ll discuss Phoenix cybersecurity solutions to keep your business safe.

How Much Worse Has Ransomware Become?

Ransomware has always been dangerous and something to look out for. But now, with the major attacks that have happened lately, the issues of the past seem minuscule by comparison. While it would be terrible for your small business to be attacked by ransomware, it can’t compare to the major recent attacks like that of JBS and Colonial Pipeline.

Even so, no business is truly safe from cyberattacks and the results of one can be highly damaging. This is why the White House has recently stepped in, saying that they are warning companies to up their cybersecurity measures.

Other Governing Bodies are Following Suit

That isn’t all. Following the JBS hack, which has the potential to create huge economic ramifications, U.S. Congress is also considering the lack of federal oversight when it comes to the cybersecurity of meat processors. This oversight would be able to help prevent and mitigate attacks like these and stop the widespread of their impacts.

Ransomware Threats Are Also Getting Worse

With ransomware attacks targeting bigger and higher-value targets, the strategies used across the board are evolving and getting bigger and better. Let’s look at the ideal progression of a ransomware attack, but from the attacker’s perspective.

  1. Encrypt a targeted system using ransomware
  2. If the ransom is not paid, threaten to delete all of their data.
  3. Profit.

Because of this, the consensus among security-minded businesses was the keeping of an isolated backup, which they saw as the perfect failsafe against an attack like this. With this type of action, the encrypted data can be wiped and replaced with the backups for a relatively minor cost (especially in comparison to ransom costs). This is why we always recommend every business we encounter knows the importance of having a backup.

Unfortunately, this is not the only step needed to be taken since cybercriminals are now adapted their processes. Because of this, they are following slightly different methods than what we have seen before, such as: 

  1. Use ransomware to steal data and then encrypt it after it has been harvested.
  2. Threaten the company and say that their data will be deleted if the ransom is not paid. 
  3. Profit.
  4. Threaten the company and say that their data will be leaked or sold if a second ransom is not paid.
  5. Profit again.

This approach is a double-whammy that first was seen in late 2019, but has sadly exploded since. A recent survey stated that 77 percent of ransomware attacks now double as threats to leak data unless ransoms aren’t paid. This same survey also shared that attacks are increasingly being directed toward small or medium-sized businesses that have fewer resources and funds.

So, what can your company do now that keeping a backup may not be enough?

How a Business Can Resist Ransomware

First, let’s take a look at how the majority of modern ransomware attacks start. Half of these attacks come from the cybercriminal’s ability to get into your remote desktop software, through stolen or guessed credentials, or through a vulnerability that is unpatched. Any organization can prevent ransomware attacks by reinforcing password security and user management.

With stronger password requirements, such as two-factor authentication measures, you can eliminate threats related to insecure passwords. You can also use a password management platform to make complicated passwords easier to remember, so your systems can be as secure as possible.

You should also invest in a dark web monitoring service that can help you identify if your data and passwords have been exfiltrated or compromised. While this can’t undo the damage that has already been done, it can help you identify your weak points and fix them before anything else is compromised.

We wish that we could tell you that cyberattacks won’t get worse, but we can’t, so instead, we are dedicated to helping you do whatever we need to stop them. MyTek is here to help you have the best Phoenix Cybersecurity Solutions, so give us a call today at 623-312-2440 to learn more.

ABOUT THE AUTHOR

Tim - Team

Tim Tiller, LMSW

 
Tim Tiller, MSW brings a deep service background to his role at Mytek, having graduated from McDonald’s management training program, fresh out of high school, and working his way up through the ranks in the hospitality industry. He has led two prior companies – Multi-Systems Inc., an IT-focused organization providing technology to hospitality companies (where he was named President at age 36), and most recently, as Chief Operating Officer for Jewish Voice Ministries International.

Q

Subscribe To This Author

By subscribing to the author, you will be notified when a new blog post is created by the author.

AUTHOR’S RECENT POSTS

New Study Shows the True Potential for a Shorter Work Week

Have you ever considered what could happen if we changed the entire workweek by reducing the number of hours worked and shaving off hours here and there? The conversation on a shorter workweek has been talked about by so many people, so a new shorter workweek study in...

Choosing the Right Hard Drives: HDD vs SSD

Searching for new technology can be a pain, and can be super time-consuming due to filing through your needs, your best options, and your budget. When it comes to hard drives, these decisions can be even harder and have to do with the workstations, laptops, and...

Training Is Crucial – Make A Security Training Schedule Today

In today’s age of ransomware and high-profile attacks, cybersecurity is one of the components of an IT strategy that absolutely cannot be ignored. It is absolutely critical. To prepare your team to be able to handle everything, you should make your security practices...

Mobile? Grab this Article!

QR Code

Blog Archive

Share This