US Treasury Issues Warning On Ransomware Attacks

US Treasury Department issues warning to US businesses that pay ransoms following ransomware attacks.

November 2, 2020 (Dallas, TX, AND Atlanta, GA) — For the uninitiated, ransomware is a type of malicious software that encrypts the data on your device, which could include anything from a single smartphone or computer to an entire network of computers and servers. Once the files are sealed by the ransomware, the attacker demands money from the victim to restore their information. If your computer falls prey to this kind of attack, you’ll have to pay a ransom, which could range from thousands to millions of dollars, to get your data back.  Fail to pay and your business can take months to get back to normal and often your data will be sold and your business reputation severely damaged.

Since the outbreak of Covid-19 earlier this year, the increase in the number of ransomware attacks are both staggering and scary.  Corporations are under siege and the amount of those deciding to pay the ransoms has gotten the attention of the US Treasury department, who recently issued a significant statement to US based companies regarding such activities.

The Impact of Covid-19 On Cybercrime

Covid-19 caused massive changes to the ways businesses operate in a very short timeframe.  IT departments were consumed with having to almost instantly support a fully remote workforce and rapidly adopting new, cloud-based systems to accommodate changes in how customers interact with the business. To make matters worse, the pandemic forced many organizations to make budget cuts resulting in IT departments having to do much more with much less.  Cybercriminals didn’t take long to notice these conditions were ideal to ramp up cyberattacks.

With the pandemic bringing digital business operations to the forefront, online crime is on the rise. The FBI reported a staggering 400 percent increase of daily cyberattack complaints since the onset of the coronavirus pandemic – a spike from 1,000 to 4,000 in just a few months. To make matters worse, Interpol is also reporting a disturbing uptick in cybercrime cases that target critical social infrastructure, governments, and major corporations.

In fact, the prevalence of ransomware attacks since the pandemic struck has been so astronomical that the US Treasury Department’s Office of Foreign Assets Control (OFAC) was forced to issue an unprecedented statement. They state that sanctions may be placed on organizations that pay ransoms to malicious actors (often residing in countries that already have US embargoes against them), as this action only encourages more attacks.  Businesses impacted by a ransomware attack now find themselves in a dire position – either pay the ransom to get their business back and risk repercussions from the US government, or don’t pay and take months to get their operation back to normal while running the risk that their private data be sold and business reputation tarnished.

Mark Coltharp, EVP at Zyston – an industry leading managed security service (MSSP & MDR) provider, had this to say: “Today, more than ever before, executive leaders and board of directors have to take cybersecurity as a real liability to their business and take significant steps to improve their security posture.  With the government now threatening legal action against businesses paying ransomware, the only reasonable solution is prevention and unfortunately most businesses are not prepared to deal with today’s cybersecurity threats and are unaware of the corporate risk and liabilities in day to day business operations.”

The projected cost of cybercrime going into 2021 is now set to exceed $6 trillion dollars annually now making cybersecurity front and center in the 2021 budget cycle.  McKinsey research suggests that over 70% of CISOs plan on asking for significant increases in budgets going into 2021 and the amount of supporting examples to justify those requests is not in limited supply.  Currently, the latest CIO survey suggests that the average company will allocate 16% of its IT budget to cybersecurity next year. Unfortunately, many CISOs still struggle to get a seat at the table when it comes time to budget season.

Coltharp agrees and goes on to say “Many CISOs struggle to create meaningful metrics that can provide insights and the necessary justification for budget requests.  We are finding this to be a real issue inside organizations and are actually sponsoring an upcoming Forester webinar on this very topic to help CISOs address this challenge.”

Notable Ransomware Cases Continue To Mount

Cybercriminals have plenty to gain when it comes to targeting large, wealthy corporations with ransomware. Over several months, mega-corporations like Honda, Garmin, and Canon became victims of so-called ‘ransomware gangs.’ But online crimes don’t just affect the global players; ransomware attacks have also hit close to home here in the USA.

Take Tyler Technologies, Inc., for example. This Texas-based tech giant is the United States’ number one provider of software for the public sector, but in late September of 2020, it experienced a system-wide ransomware attack. Tyler Tech was victimized by RansomExx ransomware, the same crew that recently targeted Konica Minolta and IPG Photonics.

Tyler Tech took swift action, quickly shutting down portions of their network and disabling phone and email. While their efforts managed to protect their clients, the attack severely disabled their systems, and it took approximately a month for their operations to return to normal. Sources say that Tyler Tech also paid the ransom to receive the decryption key, although the amount was unspecified.

And it isn’t just major corporations, either. Social infrastructure and medical care facilities have also become the targets of cybercrime. This unsettling trend is tapping into current social vulnerabilities across the nation and around the world. With all the struggles that we are currently facing, resources are stretched to the limit. For some, a breach of any magnitude is a severe threat to business continuity.

There’s A Lot More At Stake Than Just Money

Small and medium-sized businesses are also disproportionately at risk, as they lack the manpower and advanced technology to ward off cyberattacks. And even if the stakes seem small, there’s plenty to lose. If your business falls victim to a ransomware attack, the operator will do more than just take your data and your money. They’ll also turn around and sell it on the dark web, blasting the details of your compromised systems to malicious actors everywhere.

As a result, your company’s vulnerability will be well-known, almost assuring more trouble on the horizon. It is a blow to your reputation that may be impossible to reverse.

Along with customer data, you stand to lose credibility with your customers, not to mention sales as you get your systems back up and running again. Any time lost can be devastating for a small business. All operations have to be put on hold until security is restored. Depending on the magnitude of the breach and how much customer data was involved, you might also face significant fines under data protection laws. No matter how minor it seems, any data breach is a crisis and every business operator’s worst nightmare.

Protecting Your Data Starts Here

With so much at stake, it only makes sense that you would want to protect your data the best way you can. There’s nothing more important than keeping your clients, employees, and business systems safe and secure. Considering the prevalence of ransomware today, there’s no better time to invest in cybersecurity.

Zyston leverages a comprehensive MDR (manage, detect, and respond) cybersecurity model, going beyond the alert to assure results in the moment and strengthen systems for the future.

Zyston recently launched its new CyberCAST security assessment to help organizations combat the recent uptick in cyberattacks. With a focus on evaluating security program maturity, Zyston’s CyberCAST combines a technical penetration test with an industry-leading security assessment.

The goal of the CyberCAST security assessment is to provide an organization’s CIO or CISO with a report that they can share with senior executives that explains the state of their organization’s security posture in a business language they can easily comprehend. As a client’s information security partner, Zyston can both execute the CyberCAST assessment and help facilitate the communication of the CyberCAST assessment findings among the client’s leadership team.

Is your company at risk? Don’t risk being another security breach headline and sign up for a free CyberCAST Snapshot security assessment today!

About Zyston: