Editor’s Note: Cybersecurity continues to grow as a major concern for businesses of all sizes and across multiple industries. Banking, healthcare retail, and hospitality are all sectors experiencing the increase in cyberattacks aimed at taking advantage of minimally secured data. With widespread attacks, businesses should be looking to strengthen and evolve their current systems.
The realities of modern life mean that your company can’t avoid doing business online. Secure cloud-based technology can help you prevent and mitigate threats, which will set you up for success during the most important phases of your company’s financial journey.
The FBI urged companies to back up critical data and make sure any backups were disconnected from a network or protected enough to make sure the stored information could not be manipulated or deleted. Companies should also implement two-factor authentication and implement least-privilege administrative access, the FBI said.
The FBI’s findings echo what analysts have seen, according to Jon Amato, senior research director at Gartner. Ransomware actors, so-called “hackerpreneurs,” are using alternative means to increase pressure on target companies to make it more likely they will pay quickly.
“The threat of disclosure of sensitive information has been a particularly effective technique, as it effectively counters some of the commonly accepted response techniques organizations have used as a defense against ransomware—in this case, data recovery/restoration from backup.” Amato said via email.
The decision on whether to move forward with a ransom payment like this will ultimately fall to senior executives and the board of directors at a company, according to Amato. One potential risk of paying off the threat actors; however, is there is no guarantee they won’t try a second or third attempt.
The ultimate goal of ransomware criminals is to bring in as much money as possible, according to Allie Mellen, analyst, security & risk at Forrester.
“Ultimately, targeting organizations with valuable, timely and private information is to their benefit, especially if they want to get ransom and extortion payments as quickly as possible,” Mellen said.
Mellen said companies need to take the initial steps that everyone should take to deter these kinds of attacks: implement multifactor authentication, push for the use of strong passwords, don’t click on suspicious links and make sure the IT team has safe and secure data backups.
As part of the alert, the FBI reiterated it does not encourage making a payment, because there is no guarantee another ransom won’t be attempted. The FBI however conceded that in some cases businesses are faced with the risk of not being able to function if they hold firm against the threat.
This article was written by David Jones from Cybersecurity Dive and was legally licensed through the Industry Dive publisher network. Please direct all licensing questions to firstname.lastname@example.org.
Learn how Windstream Enterprise can help you improve security
Enter your business location zip code below for business solutions in your area.
Find business zip code