Imagine if you were going into work earlier this morning. Maybe traffic was a bit better than normal, perhaps a bit worse. Maybe you got in in time to find your favorite parking spot. As you collect things from your car and head into the office, you notice that something is not quite right.
No one seems to be around.
As you head towards your office, you hear some chatter in the break room. Those that got in early today are all sipping their coffee and questioning what they can do.
When you ask what’s going on, you learn that several people’s computers are encrypted with ransomware.
You run to your office, turn on your desktop computer and realize, as it comes to life, it too is transforming into an encrypted mess—where all folders and files on the machine are uninterpretable.
Your IT department issues a state of emergency—everyone must unplug their computers and disconnect them from the internet.
Those are the ONLY instructions you are given. You have no idea if and/or when you will be able to get back to that big report you were working on yesterday.
This scenario has been ringing true again and again in 2019. As you already probably know, the City of New Orleans was hit by a major ransomware attack, shutting down nearly every department.
What is even more worrying is the predictions for 2020.
Cybersecurity experts are warning that 2020 could get even nastier. There is a brand new trend among some attackers—they aren’t just encrypting your data, but stealing it and leveraging whatever they find to make sure you ante up.
In several cases popping up in Q4 of 2019, there have been reports that certain ransomware crime rings haven’t just encrypted data on business networks, but also threatened to leak sensitive data.
What has been known as doxing, criminals extort companies through the sensitive information within their networks. There have already been cases of criminals publishing healthcare organization data as a result of organizations calling the criminal ring’s bluff. What most officials did not know until now is how serious these criminals are about getting their pay day and the lengths they will go to ensure you pay.
Ransomware in 2019 has already cost the US alone over $7.5 billion. What criminals are learning is ransomware is big business and they’re becoming more entrepreneurial about how they run those businesses.
Think for a minute what a ransomware attack would mean on your business or organization. What critical systems—if impacted by a ransomware virus—could you likely never recover from if an attack actually occurred?
Now think for a minute of the types of sensitive data your network is storing. Is there any information that would really make your stomach turn if it were released on the internet?
In the past, the worst-case scenario would have been some data loss. But today, you have other realities to face in cybersecurity. And the real possibility that an attack could completely destroy how you do business.
What’s scary to me is that it’s a real possibility—especially if you aren’t taking precautions to make sure your network isn’t a low hanging easy target—that you might get infected. Experts say it’s only a matter of time. A numbers game—who the unfortunate ones are that are confronting these disasters.
But you don’t have to be on the wrong side of that numbers game. If you are taking steps to ensure that your network is secure—you are patching and updating software that have vulnerabilities, you are implementing smart firewalls that detect malicious traffic and training your teams to be more vigilant about what they do at work and home—you may be moving toward a securer tomorrow.
One of the easiest first steps to get on the right track? Have a network security assessment performed of your network to learn where your weak points lie and get a roadmap towards prioritizing your biggest threats.