Ransomware attacks are on the rise, with increasing persistence and sophistication by threat actors who are adept in evasion techniques. On Friday 7 May, a ransomware attack was reported by the largest gasoline pipeline in the United States. And they paid nearly $5 million in bitcoin for the encryption key. While the pipeline is fully operational now, many US gas stations were still without fuel two weeks later. On 14 May, ransomware took down Ireland's health service's IT systems, which left most of the country's hospitals without computers for over a week. That means medics had limited or no access to patients' records, among other critical impacts. The most recent attack on global food producer JBS shut down operations around the world.
These attacks on industrial, utilities, and life sciences and healthcare companies continue to grow in frequency and impact, leading industry experts to warn that failing to address key cybersecurity concerns may have even more devastating consequences in future attacks, to both economies and to critical infrastructure.
Every organization is vulnerable to ransomware attacks. Ransoms are paid because the cost is less than rebuilding the IT infrastructure based on the most recent backups. Organizations should be continually monitoring their processes that have access to sensitive data. Access control and data encryption management is the key to securing an organization – not only from ransomware, but from insider threats, rogue processes, malware and more. It's vital that the CEO and the board are fully equipped with the knowledge to deal with the prospect of a ransomware attack hitting their organization and are doing as much as possible to ensure this doesn't happen.
When there’s accessibility to valuable data, attacks will occur
Next-generation disruptive technologies from ransomware attackers are making it increasingly difficult to reduce the attack surface.
Organizations that don’t mitigate that part of the hacker’s modus operandi are opening themselves up to costly and sometimes catastrophic consequences. Strong cyber hygiene practices should be prioritized, regardless of industry, to reduce the threat of ransomware attacks, which includes workforce training on sound cyber practices.
To complicate an adversary’s efforts to identify points of weakness between interconnected networks, development environments and cloud-enabled services, organizations should also consider a Zero Trust framework whereby users are granted access to a network service for a specific task and must reauthenticate for new tasks, and where continuous monitoring for anomalous activity is in place. Security planning should also reflect zero trust principles within the enterprise and software lifecycle to eliminate implicit trust in any network node or access point.
In an urgent memo on 2 June to American organizations, the Biden administration is urging corporate executives and business leaders to take immediate steps to prepare for ransomware attacks. On 12 May in the aftermath of the pipeline attack, US President Biden signed a cybersecurity executive order creating guidelines for responding to such attacks, mandating transparency by companies who have been attacked and increasing governmental involvement in the aftermath of any exploitation. The recent attacks continue to highlight the opportunity and importance for governments and the private sector to engage in more effective information sharing.
Cybercrime is not just a crime against a computer but against trust and the impacts are far reaching. Ransomware attacks are not going away any time soon, which means everyone has to get better at preventing a targeted attack from becoming a successful one.
Global businesses are expected to face a ransomware attack every 11 seconds, costing targets an estimated USD $20 billion (Source: Cybersecurity Ventures).
Our diverse and experienced team of Cyber professionals consulting over 10 consecutive years are well-positioned globally to ensure local points of contact and to provide our solutions and offerings with unmatched consistency and quality of execution.
Deloitte Cyber | Empowering your people for the future
1 Source: Gartner, Market Share: Security Consulting Services Worldwide, 2020, Elizabeth Kim, April 2021
2 Source: IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment by Martha Vazquez, September 2020, IDC #US46235320e
3 Source: ALM Intelligence; Cybersecurity Consulting 2019; ALM Intelligence estimates © 2019 ALM Media Properties, LLC. Reproduced under license.