In the first of a series of articles, we take a look at the rise of cyberattacks and malware on businesses, their financial impact and the growth of ransomware as an extortion technique that is costing the U.S. economy billions. Business owners need to remain alert to the dangers that could potentially damage not only their reputation but their bottom line, too.
The recent attacks on Microsoft® Exchange have once again brought malware and network security into the spotlight. Allegedly, the attack began as a Chinese state-sponsored spyware attack against individuals, using vulnerabilities and unknown flaws in Microsoft Exchange software.
This has rapidly escalated into a global hacking crisis, widely reported to have claimed at least 60,000 victims worldwide, mainly targeted at small and medium-sized businesses that did not apply proper patches in time.
Here in the U.S., the Center for Strategic and International Studies (CSIS), a bipartisan, non-profit policy research organization, has profiled some recent memorable cyberattacks. According to their reporting, in May 2020, cybercriminals stole $10 million from Norway’s state investment fund in a business email compromise scam that tricked an employee into transferring money into an account controlled by the hackers.
More recently, in February of this year, the U.S. Department of Justice indicted three North Korean hackers for conspiring to steal and extort more than $1.3 billion in cash and cryptocurrencies. And in the same month, a 10-strong cybercriminal gang were arrested after engaging in a campaign that tricked telecom companies into assigning celebrities’ phone numbers to new devices, stealing more than $100 million worth of cryptocurrencies.
In practically all of these scenarios, cyber attackers have targeted personal and commercial sites via their email systems that have been compromised due to poor security or bad housekeeping on the part of users. With the rise in people working from home and being more digitally active, cyberattacks have risen steeply, with cybercriminals finding increasing numbers of people vulnerable to their attacks.
Helping Prevent Ransomware and Malware
The installation of malware or ransomware onto a company’s information system can often be the result of carelessness or poor email protection practices. Ransomware is malicious software that infects computers and displays messages demanding a fee to be paid in order for an information system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website.
Despite intensifying email security and encouraging best practices among employees, many firms are still being successfully attacked; it takes only one slip by one employee to potentially bring down the organization’s entire network.
A reliable way to prevent such attacks is to deploy endpoint protection that will block all malware and ransomware from executing, regardless of how it arrives at the endpoint. Endpoint protection solutions that rely on AI to detect anomalous behaviour still risk missing the attack because they need to recognize that the behaviour is wrong and then prevent it before it spreads. The only reliable way to prevent such attacks is “zero trust”; the endpoint is completely locked down to prevent execution of all executables except those the user specifically permits – which they must only do once the software has been verified as safe.
The Cyber Lockout® solution combines a zero-trust cyber security solution from GBMS Tech with a choice of a full cyber insurance or ransomware only insurance policy. Cyber Lockout reliably blocks malware and ransomware and, just in case the worst did still happen, provides insurance for losses resulting from successful malware and ransomware attacks.
The opinions and statements made herein are intended for general informational purposes only and should not be viewed as a substitute for any legal or other advice on any particular issue or for any particular reason. While the information provided herein has been compiled from sources that are believed to be reliable, no warranty, guarantee or representation, either expressed or implied, is made as to the correctness, sufficiency or adequacy of such information.
Keywords: cyberattack, ransomware, cyber insurance, ransomware insurance