The past few weeks have brought news of ransomware attacks across various U.S. industries. On May 7, the operator of Colonial Oil Pipeline was hit with ransomware, forcing them to shutter operations for a few days and impacting the southeast US fuel supply. Then over Memorial Day weekend, the computer systems of JBS USA, part of one of the world’s largest meat distribution networks, were hit with ransomware. Though we are still in the early days of unraveling this attack, it is likely the JBS attack will affect US meat distribution and cause price increases.
The cyber-attacks didn’t end there. On June 2, a ransomware attack hit the Steamship Authority of Massachusetts, hampering ferry operations to and from the popular tourist islands of Nantucket and Martha’s Vineyard. Investigations are ongoing and early indications point to some level of state-sponsored activity by a foreign power.
These three attacks have two things in common. First, they were all accomplished with different variations of ransomware aimed at interrupting normal operations. Second, all the firms dealt with logistics, either in the fuel, food, or transportation industries. These facts point to a new and disturbing ransomware trend: Cybercriminals are now seeking to publicly impact the day-to-day lives of Americans.
More ransomware attacks on more industries
According to the Verizon Data Breach Investigations Report, ransomware has seen a 7% increase in use over the past three years. This may not sound like much until you consider there were over 100 million data breaches in 2020. Then 7% suddenly becomes are more significant figure.
On top of this, attackers’ goals appear to be changing. Ransomware was once used almost exclusively for financial gain. Your information would be locked by the attacker who then demands payment to unlock it but doesn’t expose your data to the general public. However, even with ransom fees rising, the fact that attacks are becoming unmoored from financial gain should worry everyone. It means more industries will be targeted for ransomware as attackers – who range from lone wolves to state-sponsored entities – focus more on the attack’s success and less on the victim’s ability to pay.
What does this mean for your own business? It means the risk of falling victim to an attack is greater than ever. You need to be prepared for an attempted data breach at any time.
Know what you need to defend
If you were to ask different experts the best ways to prepare for a cyber-attack, you’d get a variety of answers, ranging from perimeter defense to backup testing to cybersecurity awareness. However, what these tactics have in common is they require you to know the current landscape of your company’s technology and cybersecurity posture. For example, you cannot institute perimeter defense if you don’t know which assets need defending.
This philosophy extends to all aspects of cybersecurity. You cannot institute proper defenses or even defense planning if you do not know what you need to defend. In Sun Tzu’s “The Art of War,” the great strategist stated, “If you know neither the enemy nor yourself, you will succumb in every battle.” Learning about ‘the enemy’ can be difficult as there is no shortage of threat actors looking to exploit your company’s vulnerabilities. However, ‘knowing yourself’ may be the single most important thing you can do to manage your cyber defenses.
Where do you begin to ‘know yourself’? In the cybersecurity world, this means having a complete picture of the current state of your company’s technology and employee awareness regarding company policy. This is a major undertaking, which is why you should consider using templates to make the task easier. The National Institute of Standards and Technology (NIST) is well known for publishing frameworks measuring all facets of the intersection of business operations with cybersecurity.
Using the NIST cybersecurity framework
The NIST cybersecurity framework version 1.1 is an easy-to-use guide. It takes NIST’s best practices and boils them down to the most foundational questions needed to gain a snapshot of your company’s current technology posture. Though the questions have been simplified and condensed, you may think they are still somewhat complex, especially if you do not know the answers. This is OK. Sometimes not knowing the answer to a question is the answer in and of itself. Finding out what you may not know about your own company is an important first step in achieving a more robust cybersecurity posture.
Though completing a cybersecurity framework on your own can be a good starting point, your organization may also want to consider engaging cybersecurity experts to help you build an accurate framework. They may also offer their own assessment which combines their experience with a respected framework such as NIST’s.
Cybersecurity experts can use their custom assessment to quickly identify your greatest cyber risks and threats. Then they can assist you in developing a plan to address them. Even if the assessment shows more needs beyond current resource availability, the experts can assist your firm in prioritizing and addressing your most critical needs.
Take action against ruthless cybercriminals
The size, scope, intent, and amount of damage inflicted by ransomware are rising every day. If you think your company is too small to be worth the time or effort, think again.
Attackers are becoming savvier and much less discerning in their targets. The best way to stop them is to create your company’s baseline with a self-assessment and then build your cyber defense plan. This will ensure the effort to attack you just isn’t worth it.
At Infoaxis, we understand an accurate assessment is the foundation for a robust cybersecurity strategy. We offer a no-cost Discovery self-assessment to get you started. The bad actors are thinking more strategically every day. It’s time for you and your company to do the same. Let’s chat.
About the Author
Joshua Silberman, CISSP, CCSP, CISA, is a cybersecurity leader responsible for the direction, design, and development of cloud transformation and cybersecurity at Infoaxis.
Reach Joshua at 201.236.3000 or firstname.lastname@example.org.