Ransomware Attacks On the Rise: Can It Be Stopped?
In recent weeks, cybercriminals have launched multiple successful attacks, crippling the operations of several US organizations, including managed IT service providers (MSPs). They have also threatened the global food supply chain and law enforcement agencies. Ransomware attackers typically use a computer virus to hold your company’s data hostage until you pay a ransom. For example, a recent ransomware attack caused outages at Brazil’s JBS, a giant producer of beef, pork, and chicken products in the United States, resulting in service disruptions.
The menace is becoming more frequent as businesses rely more heavily on stored data, both on-premise and in the cloud. Statistics indicate that the number of ransomware attacks is growing exponentially and has so far resulted in losses amounting to about $18 million. In most cases, the attacks block employees from accessing their computers or the data they need to complete daily operations.
Why Can’t the US Stop Ransomware Attacks?
The growing concern about these cyber gangs has raised the question: Why does the United States look so powerless in safeguarding its citizens from such kinds of criminals? In that light, the government recently signaled that it could move against cybercriminals by trailing and recovering the ransom money.
In a recent press conference, Deputy Attorney General Lisa Monaco reiterated that the Justice Department has so far recovered most multimillion-dollar ransom payments paid to hackers by the nation’s largest fuel pipeline operator. The Colonial Pipeline based in Georgia distributes almost half the fuel consumed on the country’s eastern coast. Following the May 7 ransomware attack, the company temporarily shut down its operations and paid a ransom of about $4.4 million to restart its operations sooner.
This is the first time the US government has disclosed that it had recovered funds from the Russia-based gang. Federal officials insist they are dealing with ransomware attacks aggressively. Monaco said, “The federal government will continue to employ all the available tools and resources to heighten the costs and consequences of ransomware attacks and similar cyber-enabled attacks.”
Furthermore, President Joe Biden plans to schedule a meeting with Russia’s leader, Vladimir Putin, to discuss issues surrounding the alleged support Russia seems to offer ransomware criminals. The government also promised to put in measures to defend against further cyber-attacks by improving efforts to bring charges against entities responsible and establishing diplomatic agreements with the countries involved.
Government Measures to Mitigate Ransomware Attacks
Following the recent series of ransomware attacks instigated by the Russian gang against leading US organizations, including law enforcement agencies, the US government has come out with guns blazing for the first time. After the Colonial Pipeline attack, President Biden reiterated that his administration would ultimately bring the foreign cybercriminals to justice. But even as he was addressing the nation from the White House in May, another Russian-linked ransomware gang was publishing secret documents belonging to the Washington DC police department. According to experts, that was the worst ransomware attack instigated against a US law enforcement agency.
According to General Paul Nakasone, who leads the US Cyber Command and the National Security Agency, the US will utilize every available resource, including the Defense Department, to take down the ransomware infrastructure outside the US territories.
Already, the US policy permits government agencies to fight against cybercriminals and break up their infrastructure using computer programs. Besides, the US Cyber Command has carried out offensive operations associated with election security. This encompasses counteracting Russian disinformation efforts during the nation’s midterm elections in 2018.
Ways to Protect Your Organization from Ransomware Threats
Businesses are becoming popular targets by malware attackers, and the urge for remote work due to the global pandemic has made the cybersecurity situation worse. These cybercriminals can exploit any vulnerability to gain access to your computing system to freeze your device or steal your sensitive data and demand a “ransom”. Ransomware can infiltrate individual laptops or desktops, enterprise networks, and even cloud servers, leading to losing vital information and data. Even as the government takes measures at the federal level, these tips can help your business thwart ransomware attacks at the company level:
- Manage The Assignment of Privileged Accounts: Always restrict users’ ability to install and run software solutions on your network devices to limit your network’s exposure to malware.
- Establish Data Backup and Recovery Mechanisms: Be sure to back up your critical information to lessen the impact of potential malware attacks. Store your data on separate devices or offline, so you can access it in case of a ransomware attack.
- Keep Business Devices Updated: Ensure all your antivirus and anti-malware software are automatically updated, and regular scans are run to keep your operating systems operating efficiently.
- Educate Your Employees: With proper training, your employees can act as the first line of defense to combat malicious threats and actively help stop malware infiltration. A robust cybersecurity program combined with employee training on safe practices, warning signs, and responses can tremendously help thwart these threats.
- Be Cautious With Email Links. Never open links or popups on emails unless you’re certain the email URL is legitimate. Additionally, be cautious about opening email attachments or downloading files from emails, irrespective of who sent them. These files may contain viruses or harmful software designed to compromise your computer’s security.
Additionally, be sure to manage your user credentials and activate two-factor authentication to prevent attacks targeting weak login credentials. Finally, if you ever fall victim to a ransomware attack, report to your local FBI field office immediately for assistance. To identify the office nearest you, please visit fbi.gov/contact-us/field-offices.
The Bottom Line
As cyber criminals across the internet use malicious software to extort millions of dollars each year from unsuspecting businesses, it’s important to take precautions to avoid being the next victim. At Kraft Technology Group, we offer ransomware protection solutions consisting of a finely tuned balance of business-class endpoint protection, data backup, firewall management, employee training, and more. Reach out to Kraft Technology Group to learn the importance of protecting your business from ransomware attacks and pick our brains on what you need to do to protect your organization.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.