As you’ve probably realized, ransomware is on the rise in a big way. As Nicole Pelroth, the cybersecurity expert for the New York Times, put it recently, “We’ve seen a surge in attacks, more types of organizations targeted and ransom demands up to the tens of millions of dollars.”
In addition to seeing more attacks and bigger payoffs, the attacks are also using new tactics to try to better convince victim organizations to pay up. Cybercriminals have been blackmailing their victims and leaking private data – and, truthfully, it’s a mess.
In response to the nation’s cyber-mess, President Biden has signed an executive order that requires businesses to meet specific cybersecurity standards within the next six months. Get the facts on all this in today’s brief news roundup.
TL;DR: Ransomware criminals are now emailing and calling your customers, partners, and employees and threatening to publish their private data if your company doesn’t pay up. In response to recent cyberattacks, the President is now requiring businesses to secure their systems within 6 months. Improve your security with help from Interplay.
For the past few weeks, ransomware cybercriminals have been trying a new tactic to get victims to pay: they send an email to the victim organization’s customers and partners saying they have sensitive data – and that they’ll leak that data if the victim organization doesn’t cough up more cash (or bitcoin).
First off, we’d like to say that we really hate the phrase “victim organization.” It makes businesses that are totally fine sound helpless and somehow at fault. (As if being attacked by a criminal is anyone’s fault ever – it’s not.) Unfortunately, this is the official term, so we are forced to use it. Now that that’s off our chests…
Brian Krebs over at KrebsOnSecurity.com got a screenshot of one of these emails, and if you take a moment to imagine receiving one of the emails like the one in the image, you can easily see how this might convince you to pressure the victim organization into paying the blackmail money. Sometimes cybercriminals directly VoIP call the customers or partners to boast about the sensitive data they have, just to make the whole blackmail scheme even scarier.
In this new scheme, ransomware victims would have to pay up twice: once to recover their data, and again to keep the criminals from publishing the data on the dark web. We hope that this means more people are backing up their data really well, and therefore have had no incentive to pay the criminals.
In other news, President Biden has just signed an executive order that requires companies to certify that they are following a prescribed set of “digital safety standards” within the next six months. The safety standards include things like password security, patching and updates, backups – all the basics, really. Companies or agencies that don’t comply will be banned from selling anything to the federal government. The order also sets the groundwork for better information sharing to identify attacks more quickly and establishes a review board to investigate attacks and see who is at fault. (Again, is someone ever at fault for being attacked? No.)
Currently, the order narrowly applies to federal agencies and contractors that supply software to the federal government but, considering the recent pipeline attack and the increase in cyberattacks in general, we can easily imagine this order being expanded with a law that requires all businesses to meet the “digital safety standards.”
While we definitely agree that all businesses and agencies should have minimum basic cybersecurity standards in place, we also feel that maybe the federal government should provide some assistance with this, instead of just creating harsh punishments for noncompliance. Subsidies could be useful to help smaller companies purchase and maintain their backup solutions, or to train users on avoiding crafty phishing attacks. We don’t make the law, but if we did, that’s what we’d set up.
One of the reasons Biden felt the need to sign this executive order with harsh punishments is because SolarWinds really dropped the ball on their security. As it turns out, their software update mechanism password was “SolarWinds123” (face palm) and, as a result, pretty much every government agency has now been hacked. You can easily avoid making this rookie mistake.
To better protect your organization from a cyberattack, including ransomware and malware, you should:
For 20 years, the friendly and knowledgeable IT team at Interplay has helped business leaders across a range of industries get more out of their tech, stress free. Not only are we always (and we mean always) happy to offer the best managed IT services, support, and advice, we’re also the team you can trust for the best cocktail recommendations here in Seattle or in Disney World – we’re versatile! All humor aside though, we’d love to help you get your IT running smoothly and securely, around the clock.