The cost of cyber-attacks to the global economy has risen to more than 400 billion US dollars per year. Cyber-attacks affect every business, from small companies to enterprises and governments. Recovering from attacks is expensive and time-consuming. So how can an organization become more resilient to cyber-attacks in today’s digital world?

Digital transformation has changed business and delivered new opportunities to organizations. However, going digital has also increased the risk of becoming a victim of cyber-crime. Fighting cyber-attacks is an unfair battle because companies face a silent enemy. In most successful attacks, organizations only learn about the attack when it is already too late. This is the case with ransomware, an attack that encrypts files, and frequently also steals an organization's data, until a ransom payment is made. Nitish Deshpande describes the evolution of ransomware in the article "How to Protect Yourself From Ransomware in 2022".

Attacks have no borders

In recent years we have seen many different ransomware attacks across the globe, affecting every industry and organizations of all sizes. Several of these attacks caused major damage. Here are some prominent examples from the past few years:

  • In 2019 the city of Baltimore was the victim of a ransomware attack called “RobinHood”. This attack encrypted files and shut down all the servers except essential services. The attackers demanded a ransom of 100 thousand US dollars to give access back to the state and threatened to permanently delete the data. The consequences reached enormous proportions: real estate transactions could not be completed, card payment and debt checking were inaccessible, and city employees lost access to their email accounts. The recovery took the city several months and cost approximately 18 million US dollars.
  • At the beginning of 2021 the Colonial Pipeline ransomware attack left the US in checkmate. A bug invaded the system and impacted the computerized equipment managing the pipeline. President Biden declared a state of emergency in Virginia since 71% of the filling stations in the area were out of fuel for several days. This was known as the largest cyber-attack on an oil infrastructure target in history. Overseen by the FBI, the company paid the amount asked by the attackers to resolve the problem: 4.4 million US dollars.
  • In May 2021, the Health Service Executive of Ireland suffered a major ransomware attack that affected the entire country and caused the IT systems to be shut down nationwide. The attackers demanded 20 million US dollars and threatened to publish patients’ information online. The Irish government did not pay the ransom and, unfortunately, the data of 520 patients has been published. Ireland spent more than 100 million US dollars to recover the HSE system after the ransomware attack.
  • In May 2022, the Ministry of Finance of Costa Rica was hit by a ransomware attack that affected, among others, customs and HR systems. The consequences affected the national economy, especially because customs stopped processing import and export taxes and the salary of public employees was suspended for a month. The government declined negotiations with the attackers, but it ended up paying high expenses anyway: 9 million US dollars were used from the reserve to pay the salaries and pending movements that were on hold due to the attack. The country remains under national emergency alert.

Below the tip of the iceberg

Unfortunately, it is not possible to avoid attack attempts, and there has been a considerable increase in ransomware attacks since the COVID-19 outbreak (see "Ransomware During the Pandemic Crisis"). Companies need to prepare themselves as best they can to survive that moment. The obvious detriments are related to data compliance, technical issues, and large investments in the cybersecurity system. However, this is just the tip of the iceberg.

Damage to a brand name is difficult to reverse. The brand is one of the most valuable assets in business, and being the target of a cyber-crime would devalue the name and reputation of the company. This is a major issue since several expenses arise from it, such as losing reputation and breaking current customer relationships, devaluation of the organization's trade name, and high costs due to operational disruptions.

Intellectual property loss is another major issue. It damages the name of the organization and slows down business growth. If third parties access trade secrets or publish documents that are under copyright, it would be hard to recover customers’ trust. It would require efforts from different teams, which means time spent sorting out this problem, and thus lost money.

The only thing a company needs to become a target is to be online, and as such, the key is to stop thinking about “if a cyber-crime occurs” and change the mindset to “when the attack comes”. Becoming more resilient and vigilant is part of a good cybersecurity strategy. Mike Small, a Senior Analyst at KuppingerCole, explains this very well and advises on steps to follow in the worst-case scenario in "When will Ransomware Strike? Plan for the Worst".

It is vital to realize that while cybersecurity professionals work on refining prevention tools, hackers are developing their tactics, techniques, and procedures in parallel to bypass the controls and succeed in their next attack. The priority, then, is understanding the potential risks and focusing on programs to minimize the impact and thrive against a cyber-crisis.

To learn more about different ways of protecting your organization against a ransomware attack you can watch the following video: Analyst Chat #3: Protecting Your Organization Against Ransomware.

Learn about the business impact of cybercrime at CSLS 2022

At Cybersecurity Leadership Summit 2022 there will be many sessions dealing with the business impacts of cybercrime. Join us if you want to learn how CISOs can promote business agility while at the same time minimizing risks, how cybersecurity can become a business enabler, how Denmark provided eIDs to citizens and businesses, or how to realize the business benefits of security automation.