Washington – After a year of headline-grabbing ransomware attacks, companies are concerned about the possibility of facing cyberattacks this holiday season, when many of theirs Online Safety Operations are dependent on the deployment of personnel.

Boston-based cybersecurity firm Cybereason commissioned a survey of 1,206 corporate cybersecurity professionals who experienced a ransomware attack on a holiday or weekend in the past year. A whopping 89% of respondents from the US, UK, France, Germany, Italy, Singapore, Spain, South Africa and the United Arab Emirates said they are worried about another cyberattack before the holiday season. However, 36% said they did not have a “specific contingency plan to respond”.

“The question is, at what point do cyber professionals translate these concerns into a plan of action?” Cybereason CEO Lior Div told CBS News. “Do companies have the right tools, processes, and people to deal with an attack, especially during the upcoming Christmas season? Hackers love to hack when they know that we are distracted and unwilling to react. “

The study found that healthcare (65%) and manufacturing (67%) companies – two of the biggest targets for ransomware attacks – are among the least likely to develop contingency plans.

Cyber ​​criminals have expanded hacking operations repeatedly targeting the healthcare industry amid the coronavirus pandemic, resulting in deteriorated health outcomes and excessive hospital deaths.

Before Labor Day weekend, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) published a common warning an “increase in high-impact ransomware attacks occurring in the US on holidays and weekends when offices are normally closed,” after a series of high profile cyber incidents over long weekends.

Days later, Howard University in Washington, DC, was forced to cancel classes for more than a week after malicious actors took their network hostage. The holiday weekend of July 4th saw one of the largest ransomware attacks to date, when a subsidiary of the cyber gang “REvil” targeted the software company Kaseya just six weeks after the Russian-affiliated cybercriminals sabotaged the meat processor JBS on Memorial Day weekend, the company to extort a ransom of $ 11 million.

Colonial Pipeline paid the DarkSide group a $ 4.4 million ransom after being forced to cease operations on Mother’s Day weekend, although the FBI later recovered $ 2.3 million of the ransom from the Russia-based hacking group.

Cybereason’s new report reveals the human cost of such attacks, with 86% of respondents missing vacation or weekend activities with family and friends to return to work after a cyber incident. Almost three-quarters of respondents admitted that they were drunk responding to a ransomware attack on the weekend or while on vacation, “a risk factor for businesses that may not have been addressed by incident response and business continuity plans,” the report said.

And the vulnerability of these organizations is compounded by gaps in the workforce. In the United States there is almost 500,000 vacancies for cybersecurity jobs, according to to Cyber ​​Seek – a US Department of Commerce tech job tracking database – and CompTIA trading group.

According to the FBI, ransomware payments reached over $ 400 million in 2020. And this year, the average ransom payment is up more than 500% from 2020, and it stands at $ 5.3 million, according to Cybereason.

In June, President Biden called on Russian President Vladimir Putin to put an end to cybercriminals and use Russia as a safe haven. But attacks have in spite of it “too early to say” and diplomatic efforts The aim is to restrict Russia-related ransomware operations.

“Since the beginning of this year we have seen a massive surge in cyber intruders, particularly from the ransomware cartel in Russia, from the Colonial Pipeline to the JBS hack,” Dior told CBS News. “We thought that after President Biden’s meeting with President Putin, we would see a decrease in these types of attacks. But in fact, we’re seeing a steady stream of these types of hacks. The ransomware cartel didn’t even stop. “Wait a minute.”

In early November, the country’s top military cyber officer, Army General Paul Nakasone, said it was “too early to say” if the Kremlin had facilitated the international hunt for cybercriminals after the US handed over the names of the wanted suspects.

“From the FBI’s point of view, we haven’t seen a decrease in ransomware attacks from Russia in the past few months,” said Bryan Vorndran, assistant director of the FBI’s cyber department. told Congress on Tuesday.

Tiny cybersecurity mistakes made by companies or organizations can wreak havoc.

A Congressional investigation into three major ransomware incidents in 2021 found that “minor neglect led to major security breach”. the Report released on Tuesday of the House Oversight Committee, pointed out that “ransomware attackers take advantage of relatively minor vulnerabilities, such as a single user account controlled by a weak password, to launch enormously costly attacks.”

“Even large organizations with seemingly robust security systems have fallen victim to simple initial attacks,” the report continued, “highlighting the need to increase security training and adopt different security measures prior to an attack.”

In a separate report, Cybereason offered companies and organizations advice on how to reduce the risk this Christmas season.

“Practicing good safety hygiene,” “locking critical accounts for the holidays or the weekend,” and “ensuring key stakeholders can be reached at any time of the day” were among the proposed precautionary measures.

“Cyber ​​defenders are heroes,” added Div. “We need to make sure that companies and organizations give them the right tools and support to do their job right.”

What Pennsylvania, New Jersey, and Virginia Republicans’ suburban wins say about the 2022 midterm elections

British Prime Minister Boris Johnson and the Conservatives are slipping in new polls

Drones help restore forests that were destroyed by forest fires

Source link
#Companies #worry #cyberattacks #vacation #good #reason

Leave a Reply