As the pandemic swept around the world companies grappled with the ability to remain open and conduct business in a safe way. However, cybercriminals saw the increase in remote working as a perfect opportunity to attack staff and corporate networks with ransomware attacks. Reports began flowing in from companies all over the globe of ransomware breaches, and in South Africa the remediation average cost for a company was ~R6.4 million. This is an increase of ~R11 million from 2020 to 2021.
From Large to Small
Cybersecurity companies have noted that while the number of ransomware attacks on larger corporations seemed to have decreased, the attacks on remote worker experienced a drastic increase. Many of these employees had access to company networks which put both the staffer and organization at risk. Another interesting point is that the number of reported ransomware attacks had shown a decrease which may indicate that organizations were less likely to release their vulnerability condition. Ransomware breaches on remote workers are also a lot more difficult to recover from.
The Long Road to Normal after A Ransomware Attack
The disasters that occur in a ransomware attack were covered in a Forbes article:
“An independent global survey of 1,100 IT and cyber security professionals found that:
- Ransomware attacks hit 80% of the organizations in 2021.
- More than 60% of those who were hit by the attacks paid the ransom.
It can take months for a company to recover from a ransomware breach and, in some cases, the cost is so high that they never recover at all. Various reports have shown that a majority of organizations don’t feel confident that they can fend off a ransomware attack. As businesses make valiant attempts to return remote staff to their organization they are more focused on creating a COVID-safe environment and less on the protection of their networks; and cybercriminals won’t wait long to up their game. It’s expected that the number of businesses that will experience direct ransomware attacks will start showing a drastic increase.
Don’t Let Your Guard Down
Protecting essential systems is an essential step as part of critical infrastructure security. Working with a professional cybersecurity company to do risk analysis, upgrading programs, and training employees is part of the cost of doing business to mitigate cyber risks. An IT Department that may have functioned on “skeleton crew status” will need to be updated on all of the newer methods that the bad actors are using and review as well as alter the ways that they need to protect the company. Ransomware has been a threat on a global scale and some of the larger organizations are working in conjunction with international groups to assist and inform each other.
South African companies are increasing their budgets to try to keep ahead of the evolution processes of cybercriminals. According to a survey by World Wide Worx, more than 40% of South African companies that were surveyed are spending more on cybersecurity than was originally budgeted. The same survey indicated that the most concern that these companies had was the loss of devices from remote workers and access to company information from non-employees.
“Taking action to protect an organizations proprietary data from ransomware attacks has never before been so critical. Your contact with DaVinci Cybersecurity will immediately result in a review of current conditions, creating a risk and threat analysis, and coordinating educational efforts for employees to assist in keeping all alert and safe.”
Sharon Knowles, CEO DaVinci Cybersecurity