Organisations rely heavily on the integrity of their IT systems to store data and conduct routine business operations from payroll to dealing with supplies, orders, tax and inventory. In theory, corporate servers store huge amounts of sensitive personal and commercial data, safeguarded by data privacy laws and complex security systems.
Attacks by clandestine operators on public and private companies made for gain have become increasingly common. Originally malicious software (“malware”) was anticipated to be used by state agencies for attacks on enemies of the state including other nations’ governments departments and agencies. Because of the conflict in Ukraine, this concern has risen higher on the list of acute priorities.
Commercial organisations, for obvious reasons, serve as tempting targets, as their IT security could be breached by software available on the dark web, enabling clandestine operators to freeze or seize data. A cyberattack not only poses a significant security risk but also incurs a considerable financial cost. In 2021, the average cost of a data breach reached its highest point in 17 years, escalating from US$3.86 million to US$4.24 million annually. (IBM Cost of a Data Breach Report 2021).
We spoke to Mark Pugh-Cook of RMPC Consulting Ltd, a retired army intelligence officer who uses his experience as a consultant in risk and crisis management, threat analysis, and business continuity planning. He cautioned that clandestine operators pose a triple threat: they can decrypt data, demand payment to prevent its online publication, and threaten attacks on data owners. This practice is known as Ransomware as a Service (RaaS).
Ransomware attacks on the rise
Ransomware attacks are on the rise, targeting commercial organizations, government agencies, and individuals alike.
In May of last year, attackers targeted the US fuel network Colonial Pipeline, paralyzing its operations. Within days, Colonial Pipeline, in collaboration with the FBI, paid a ransom demand exceeding $4 million. Additionally, the attackers provided software enabling the gradual restart of computerised systems. Consequently, the FBI managed to recover over $2 million of the ransom.
In early July last year, cyber attackers directed their assault at US IT service provider Kayesa, potentially impacting hundreds of global customers. They demanded tens of millions of dollars in ransom. Subsequently, reports of the Pegasus malware attacks underscored the vulnerability of individuals, government entities, and businesses to privacy breaches and data theft
How businesses can prevent ransomware attacks
Clandestine operators can find a way in even through powerful and complicated computer systems. There are a couple of strategies that businesses can employ to reduce their vulnerabilities:
Run mock attacks
Various organisations run mock attacks, with or without the knowledge of their IT security specialists. This is with the aim of strengthening the integrity of their software and protections. Simulation attacks aid organisations in pinpointing vulnerabilities in their cybersecurity infrastructure. Consequently, they can remediate these weaknesses before an actual cyberattack occurs
Train employees for increased cyber-awareness
Enhance cyber awareness among your organisation’s personnel to mitigate attacks involving bribery or blackmail of key employees. Providing training and counseling to staff is vital for monitoring these vulnerabilities. Occasionally, key information is inadvertently exposed in public or left insecure.
Cyber awareness training for all staff, from the senior management team downwards, is an essential tool for erecting barriers to attack. Encourage staff to promptly report any possible breaches and view IT security personnel as allies in our defence against attacks.
How to respond to cyberattacks: disaster recovery plans
Large organisations typically have established contingency plans and dedicated teams to swiftly respond to IT system and data attacks. IT and security personnel, alongside executives from the C-suite, collaborate closely to execute coordinated and pre-planned responses, aiming to minimise risk and disruption Legal advisors will be called on to deal with the key legal points including:
- Advice on reaching decisions to mitigate risk or damage to services, reputation, customers and staff
- collaboration with other commercial organisations including competitors
- Liasing with regulators shareholders and financiers to keep relevant parties informed and gain support for key decisions
- Obtaining prompt advice on dealing in alternative currencies and respecting data protection and privacy rights
- Installing and operating back-up systems.
How to strengthen your business’ cybersecurity
Contact 360 Law Services today to explore how we can help implement protection and contingency plans against attackers.
In the event of an attack, don’t hesitate to contact us or your usual legal advisors immediately. Remember, privileged communications with external legal advisors can play a crucial role in preserving business continuity.
For more information on mitigating Malware or Ransomeware attacks, head to National Cyber Security Centre.
