I don’t know if I have been naïve lately or not, but I have
been finding that the news regarding Russia and Ukraine is starting
to dissipate somewhat from the headlines.
Heck, even the Cyber headlines about being aware of Cyberattacks
coming in from Russia have slowed down. Or maybe it’s that inflation and the raising of
interest rates took the headlines?
Well, whatever is happening out there, let’s have some good
news next; we could all use some for sure. But when it comes to the Cyber world, at
least nothing has changed too much there either, which I guess could be a positive.
The only thing I really keep seeing anything about is the number
of Ransomware attacks that are happening, but by now, in a sad way, we are all getting
used to it.
But I did come across a news headline late last week about
how, although the attacks are still continuing, the total number
of companies having the capability to recover that data is actually slowing
down.
This could be for a number of reasons, such as the
Cyberattacker is not making good on its promise to send over the decryption
keys, or that the encryption algorithms that were used to scramble the data in the
first place are so powerful that they cannot be broken.
Sophos, a leading Cybersecurity company, just came out with its
recent report about the state of Ransomware attacks. The report is entitled “State of
Ransomware 2022”. The report can be
downloaded at this link:
https://www.sophos.com/en-us/whitepaper/state-of-ransomware
One of the key findings is that the total number of Ransomware
attacks increased by at least 43% in 2021, which is not surprising. IMHO, that was probably the year in which Ransomware
groups truly made their mark.
But on the downside, the report also found that the impacted
companies simply could not recover the data that they lost. Another reason for this that needs to be
included is that many companies in Corporate America, despite the lessons
that have been learned from COVID-19, simply do not have the right data backup
strategies and policies in place yet.
Here are some other noteworthy findings from the report:
*The total number of Ransomware as a Service incidents is growing
at a very rapid pace. These are groups that are formed by professional Cyberattacking
groups, and have some of the stealthiest and most covert techniques on hand in
order to launch devastating Ransomware attacks.
*The average cost of a ransom payment is now pegged at
$812,000.00.
*So far, it has been the energy and manufacturing industries
that have been amongst some of the hardest hit by Ransomware attacks. This is illustrated in the diagram below:
(SOURCE: https://www.darkreading.com/attacks-breaches/ransomware-crisis-deepens-data-recovery-stalls)
*On average, it took a business one month or even longer to
recover from a Ransomware attack, at a cost of over $1.4 million.
Now comes the question: is it really even worth it to pay the
ransom? The reason I say this is that victims
are now facing even much higher costs for recovery, including paying the ransom. If you factor all of this in based upon the numbers
I have presented in this blog, the total cost could be well over $2.2
million. Consider these statistics, also
from the Sophos Report:
*While 99% of the victims could recover some of their data,
only 61% of them could recover those datasets that were encrypted.
*46% of the total respondents actually paid a ransom, and
out of that, only 4% were able to make a full data recovery.
Possibly another reason why companies in Corporate America
still don’t have the right backup strategies in place could be that they
have become lazy about it all, because they have a comprehensive Cyber Insurance
Policy. But even here, things are starting
to get tight. Getting a Cyber Insurance
Policy is not the same as getting car insurance. Consider these stats:
*94% of the respondents have found that it is much more difficult
to get a comprehensive plan;
*97% have had to increase the total amount of their security
controls just so that they qualify as an applicant;
*Only 40% of the total number of Cyber policies actually
paid for the ransom payment.
My Thoughts On This:
In the end, no matter how much we do to protect our
businesses and the valuable data that resides in them, we are all prone to becoming
a victim of Ransomware. So, the key here
is how to mitigate the odds of that happening to you.
I have to be honest here, and I think that the best solution
now is to just simply move whatever you have On Prem to a Cloud based solution.
I am sure that there will be a lot of resistance to this at
first, because it can be very daunting and nebulous. But remember, you are not alone in this
process. There are a ton of Cloud
Service Providers (CSPs) that you can hire that can take care of the entire
migration process for you.
Not only that, but you can also work with them in the long term
in order to make sure that all is up to speed with your Cloud deployment.
Also, go with a very reputable Cloud provider, such as
Microsoft Azure. They have all the
tools you need to protect your datasets.
Another reason why I say to use something like this is that redundancy
is a quick and easy process here. For example,
you can easily replicate your Cloud deployment across multiple data centers
literally around the globe.
So in case you are hit, your failover will be very quick, without
any disruptions experienced. Also, by
using the Cloud, any VMs that have been hit by a Ransomware attack can quite
honestly be deleted, and rebuilt again, in just a matter of five minutes or so.
So really, there is no reason anymore not to have a good
data backup plan in place, when a business owner now has all of the tools and technologies
available to them to make it happen.