Ransomware Threats Are Everywhere. Here's How to Fight Back.

Bookmark

The cyber criminals are winning. After the recent spate of devastating attacks, experts say it’s only going to get worse from here, with hacking tools becoming increasingly available and high ransomware payments enticing more malicious actors and daring them to go after ever bigger targets. Corporations and governments need to act quickly and take concrete steps to counter the rising threat.

The flurry of cyberattacks on critical infrastructure and government computer systems has been unprecedented. Late last year, victims learned of the massive SolarWinds cyberattack that compromised the internal systems of at least 100 private companies and nine government agencies. In the spring, hackers targeted tens of thousands of Microsoft Exchange email clients. And this month, Colonial Pipeline Co. was forced to shut down the biggest fuel pipeline in the U.S. after ransomware group DarkSide’s technology infiltrated their network. Bloomberg News reported the company paid a nearly $5 million extortion payment to regain access to its systems.

For corporations, ransomware — a type of cyberattack in which hackers encrypt data and demand payment before restoring access to the files — has become a big expense. According to Palo Alto Networks, the average payment has nearly tripled so far this year to $850,000 after doubling in 2020. IBM Security X-Force estimates that the hacking group Sodinokibi made more than $123 million in 2020 all by itself. Attackers’ tactics are getting bolder as well. DarkSide has become known for its aggression, from threatening to notify the media and customers to badgering executives on their mobile phones. It’s not surprising that corporations are feeling more vulnerable. According to a recent survey by security firm Proofpoint, 64% of 1,400 chief information security officers felt their organization is at risk of a material cyberattack over the next year.

What do companies need to do to protect themselves? One fix that comes up frequently is shifting companies’ data to cloud services. Okta Inc. federal chief security officer, Sean Frazier, urges companies to switch to cloud-based email, which has the advantage of being automatically updated with the latest security patches, and he recommends cloud-based log-in identity software. Similarly, a Microsoft executive wrote in a blog post about its own security offerings that the SolarWinds attack was particularly damaging for on-premise systems, while attacks through the cloud were largely unsuccessful.

But of course, the cloud isn’t a panacea. Other relatively simple defenses include: 

  • Training employees on how to avoid falling for phishing scams
  • Multi-factor authentication through smartphones or biometrics
  • Regular data backups that aren’t connected to the rest of the network
  • Frequent mandatory password changes to prevent brute force attacks
  • Keeping security systems up to date with the latest patches
  • Game planning and practice drills on how to react to a cyberattack

Given the high profile of recent cybersecurity incidents, corporations and governments have no excuse not to take precautions. It’s becoming increasingly clear that cyber defenses should be at the top of a company’s list of priorities. Without them, everything else might one day just stop working.

To get  Bloomberg Technology’s “Fully Charged” newsletter delivered directly to your inbox, sign up here.

This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.

Tae Kim is a Bloomberg Opinion columnist covering technology. He previously covered technology for Barron's, following an earlier career as an equity analyst.

©2021 Bloomberg L.P.

BQ Install

Bloomberg Quint

Add BloombergQuint App to Home screen.