As the world struggled with the outbreak of COVID-19, ransomware boomed as bad actors took advantage of the pandemic for their own benefit.
The pandemic catapulted ransomware into a new era, one in which opportunistic cybercriminals continue to exploit new vulnerabilities created by the overnight emergence of remote workforces that occurred in 2020.
In fact, “cybersecurity failures” have been named by the World Economic Forum as one of the biggest threats to the world in the coming two years.
The issue has catapulted to first place from fifth place in the span of six months according to KPMG’s latest 2021 CEO Outlook Pulse Survey of 500 CEOs across 11 countries, signalling the escalating concerns over cyber security weaknesses.
A new MailGuard report said that, while disruptive, these attacks carry valuable lessons and critical reminders about the need to challenge our existing security practices in order to stay protected.
So what have we learnt from the rise in attacks that ramped up in earnest last year?
1. No business is too big or small
Regardless of size or industry, every business was at risk of being targeted by cyber attacks last year.
The MailGuard report said attacks on the healthcare industry around the world were a “disturbing example of the insidious nature of cyber crime”.
Australian health sector organisations were also urged to “review their controls against ransomware” in an alert by the Australian Cyber Security Centre, with the agency saying it has observed “increased targeting activity” against the sector.
2. The potential for long-lasting effects
The consequences of any cyber-attack are significant, often extending far beyond direct financial costs.
But, MailGuard said, these became even more catastrophic in 2020 as the world battled an unprecedented health crisis.
An example of this was a ransomware attack on the University Hospital Düsseldorf in Germany, which was forced to shut down computer systems and reroute ambulances away from its emergency room for 13 days, resulting in a woman’s death after her ambulance was diverted.
“Essentially, the year reiterated the fact that ransomware, like other cyber threats, can result in a wide range of ‘hidden’ costs,” MailGuard said.
“Many of these are intangible, like reputational damage, operational disruptions, or a drop in employee engagement – costs that businesses should keep in mind as they plan for an effective defence strategy.”
3. Supply chain vulnerability
One of the most serious ransomware attacks last year was on Blackbaud, a cloud computing company which supplies many organisations, including schools, charities and healthcare entities.
It was hit by a ransomware attack resulting in hackers stealing the personal data of millions of individuals from around 200 organisations.
“The hack brought a dangerous attack vector to the fore – supply chain attacks, aka attacks wherein threat actors exploit vulnerabilities in an organisation in the supply chain of others, in order to breach the upstream target(s),” MailGuard said.
“Ransomware attackers are increasingly taking advantage of the fact that one of the easiest ways to infiltrate a company’s networks and steal valuable data is via its interconnected vendor ecosystem.”
4. The importance of creating a solid response strategy
A key cyber lesson that emerged from the rise in ransomware attacks in 2020 is the need for organisations to recognise the critical pressures and risks that accompany the aftermath of an attack.
This includes knowing how to deal with the hackers requesting a payout in return for the information they stole.
A perfect example of this occurred this year with the Colonial Pipeline attack, which resulted in the CEO paying the cyber criminals millions in return for the data.
“With ransomware attacks continuing to disrupt organisations, it’s critical that businesses learn from past attacks and use them as case studies on incident response planning, and when deciding the right approach for their company in the event of a ransomware attack,” MailGuard said.
5. Email continues to be the hacker’s mode of choice
MailGuard said nine out of 10 cyber-attacks are delivered by email, so it isn’t surprising to see malicious emails increasingly being used by cybercriminals to deliver ransomware attacks.
“These attacks remind us that all it takes is one innocent click on a seemingly legitimate email to wreak havoc,” MailGuard said.
“Any company, even one with the most experienced cybersecurity team and the best tech defences can fall victim to these scams.”
The report said experts recommend that companies take a strategic, multi-layered approach when it comes to cybersecurity – especially when defending against targeted cyberattacks.
“It’s sometimes referred to as a ‘defence in depth’ approach, designed to defend a system against attacks using several different methods and tactics, in the event that if one fails, the others will stop the threat.
“No one vendor can stop all threats, so don’t leave your business exposed,” MailGuard said.