The holiday season is here again and with the looming pandemic, millions of people are continuing to work, shop, socialize, and conduct business online every day. Only they may be doing so in a far less secure environment than they realize, leaving themselves and others, including their employers, susceptible to cybercrime. This is particularly the case for ransomware attacks—reportedly up by 148% for the year—as published in a September 2021 article in AFCEA’s Signal Magazine.
According to the article, ransomware attacks are affecting everything from financial institutions to higher education. This includes hospitals, utilities, and municipalities (all of which provide essential services to the communities they serve) as well as key contributors to our nation’s economy/supply chain. And the results are both concerning and costly.
Take, for example, this year’s ransomware attacks on such high-profile organizations as Acer, CNA Insurance, and Kia Motors. Or, the May 2021 cyberattack on the Colonial Pipeline, which is the largest fuel pipeline in America. It disrupted fuel supplies all along the East Coast (12 states) for several days and ultimately forced a complete shutdown of operations to prevent more damage. It also led to a payout of $4.4 million in bitcoin to hackers, much of which was recovered (thankfully) with assistance from the FBI.
Also, consider the ransomware attack on Buffalo (NY) public schools in March 2021. With highly sensitive information for 34,000 students potentially exposed, it prompted the entire school system to shut down. Classroom learning was abandoned, and both in-person and remote instruction was canceled for an entire week.
Factor in the following ransomware projections and future trends from AFCEA’s September 2021 article and things get even more interesting:
- Total ransomware costs are projected to exceed $20 billion by the end of 2021.
- One organization, Cybersecurity Ventures, predicts that ransomware will cost $6 trillion annually.
- In the future, more organizations will switch to zero-trust security models.
- Remote workers will be the primary target of cyber criminals throughout the remainder of 2021.
- A large number, i.e., 84%, of organizations will keep remote work as the norm after COVID-19 restrictions are lifted, resulting in more internet users and a greater risk of data exposure.
- Future hackers will continue to target at-home workers since personal devices, including phones, are easier to hack than office hardware.
Don’t fall victim to cybercriminals this holiday season or in the year(s) ahead. Keep apps, operating systems, and of course, antivirus software current. Have a formal internet use and email policy in place, and train employees in basic cybersecurity principles. Last but certainly not least, be sure your organization’s continuity plan is up to date and ready for activation (just in case).