Cyberattack today is more prevalent than ever in history. You remember this: Nearly 2 months ago, the pipeline that supplies 45% of the fuel to the Eastern seaboard was shut down for 6 days due to a ransomware attack. This resulted in gas-buying panic and chaos across the East Coast.
It was interesting news at the time (yet another worrisome example of the destructive, disruptive nature of ransomware), but it certainly didn’t matter to you or your business here in Seattle, right?
Actually, no. It really, really mattered. Here’s why.
TL;DR: Even though you may not become a direct victim of ransomware, it is still important to follow basic cybersecurity practices to avoid “trickle down” effects of other companies affected by ransomware. Contact Interplay to set up your security.
On May 7, 2021, Colonial Pipeline, a gas pipeline operator supplying gasoline, diesel, and jet fuel for the East Coast, discovered they were the victim of ransomware. The breach likely occurred because Colonial didn’t use multifactor authentication for their passwords.
The ransomware impacted billing systems along the pipeline and could have granted criminal access to pipeline operations, so Colonial chose to shut down their full 5,550 miles of pipeline stretching from Texas to New Jersey. This caused shortages and price spikes at the gas pump, and it affected airline travel.
Within one day of the attack, Colonial paid the 75 Bitcoin ransom (~$5 million at the time) and received the decryption key, but decryption is slow and it took 6 days for Colonial to restore full operations. Government analyses report that the nation only had 3-5 days more before buses and other mass transit operations would have had to be limited due to diesel fuel shortages.
The Colonial Pipeline attack was a classic example of what cybercriminals refer to as “big game hunting,” which is when criminals attack a rich company with the means to pay a large ransom. Big game hunting has rapidly increased the average payout for ransomware; ransomware negotiating firm Coveware reports that the average ransomware payment in Q3 2020 was $233,817, up 31% over Q2. These are big numbers, folks.
Here at Interplay, we work primarily with small-to-midsized businesses, so it’s highly unlikely any of our clients would become direct targets for big game hunting. Your business is still extremely likely to be impacted though – even when you manage to avoid becoming a victim yourself.
First: a quick description on how modern ransomware works.
These days, ransomware is a partner-driven industry. Cybercrime companies write and sell mass-market code for wannabe criminals who may have zero technical skills to create their own code. Just like legitimate tech companies, the cybercrime companies selling Ransomware-as-a-Service have websites with great sales pitches and they provide on-demand tech support to ensure their clients’ satisfaction. The clients / wannabe criminals find targets and deploy the ransomware, and the cybercrime companies that make the ransomware get a cut of the profits.
Due to this business model, it pays big for the wannabe criminals to do their homework and find out everything they can about their potential targets. One cybercriminal managed to uncover their target’s cyber insurance policy and used it as leverage to insist on receiving a specific (and insurance-covered) ransom amount.
This is all to say that:
Even though your business may not be seen as “big game,” you may very well become a stepping stone that provides information to assist in a big game attack.
A cybercriminal may break into your systems through weak password security, unpatched software, or phishing scams, so they can look at all your data and find what might be useful to them. This a known as a data breach and can carry huge fines and consequences, depending on your industry.
Your company doesn’t need to become a cybercrime target to be impacted by ransomware. As we saw in the Colonial Pipeline attack, the effects of cybercrime can be wide ranging.
If another infrastructure attack were to happen, this time in Seattle (a very likely scenario, unfortunately), you may experience:
In response to the massive cyberattacks the U.S. has been experiencing over the past 6 months, government experts agree that the best way to prevent cyberattacks is for all companies to implement minimum cybersecurity standards. These standards aren’t tremendously difficult to follow – and they aren’t tremendously surprising either.
What the government calls for is:
As we discovered in 2020 with the pandemic: When we all take safety seriously, we all do better. If every business focused on keeping their systems safer, every business would be safer. Cyberattacks would be less likely to succeed across America and here in Seattle.
And if you secure your business with these cybersecurity basics, you can be much more confident that your company can survive a ransomware or other cyberattack without missing a beat.
For 20 years, the friendly and knowledgeable IT team at Interplay has helped business leaders across a range of industries get more out of their tech, stress free. Not only are we always (and we mean always) happy to offer the best managed IT services, support, and advice, we’re also the team you can trust for the best cocktail recommendations here in Seattle or in Disney World – we’re versatile! All humor aside though, we’d love to help you get your IT running smoothly and securely, around the clock.