In a recent article, The Washington Post outlined the ways in which ransomware attacks are harming everyday citizens, from missed chemo appointments and delayed ambulances to closed schools and risks to our nation’s food and fuel supplies. Ransomware is a global threat and not just an abstract issue at which corporations and governments can throw money in hopes of fixing the problem. Just last month, the personal accounts of Canada’s Chief of IT Security were hacked. Last year, the password for a local Columbus organization’s CEO was used to infiltrate their email systems and divert a large invoice payment to hackers.
Most Businesses and Public Entities Are Not Taking Cybersecurity Seriously Enough
For years, firms like thinkCSC have been talking about the need for improved security and infrastructure, the need for better email security and employee awareness training, and the desperate need for better password security and password management. The Colonial Pipeline attack that disrupted the fuel supply to the Northeast last month, happened as a result of a compromised password from a former employee without MFA. While the government has been able to recover about a million in cryptocurrency paid by the company to gain access to their network, it might not have happened at all had the company shut down that employee’s access when they left, or if they’d required MFA for all their employees to begin with.
These Crimes are Costly to Companies, but Customers Are Being Hurt the Most
When an organization neglects to employ best practices for cybersecurity, leaving themselves vulnerable to an attack, the cost to that organization in terms of dollars can be significant, but such a vulnerability can cause even more harm to consumers. The Colonial Pipeline attack resulted in panic buying of fuel. Some people were so desperate that they were filling plastic grocery bags with gas; the damage to one person’s car that had caught on fire was exacerbated because the entire back of the car was filled with gas cans.
Cyberattacks Could Be the Next Pandemic-Sized Disruption
Scientists have been warning governments about the potential of a global pandemic like COVID-19 for years, and we still were not prepared to handle it. The same is true of warnings about cybersecurity. For years, people in the IT security industry have been warning governments, businesses, and individuals about the risk posed by cyber criminals.
“We’ve been warning about this overtly for more than eight years and a lot more quietly for longer, but now that it’s manifested, the silver lining is that we’re not starting ice cold,” said CISA’s Joshua Corman to The Washington Post.
Yet we are midway through 2021 with reports of serious, consequential attacks occurring that are creating significant and dangerous disruptions. We must – collectively as a global society and individually as organizations and households – implement measures that will thwart cybercriminals before they can cause a global disruption to food, medicine, or energy –attacks that could end up being deadlier than COVID-19.
“’It’s not only that it’s getting worse, but it’s the worst possible time for it to happen,’ said Robert Lee, chief executive of Dragos, an industrial cybersecurity firm,” in the interview for The Washington Post article. Lee explained that for every attack making headlines, there are 20 to 30 additional cyberattacks going on that don’t make the news.
We’re at a Tipping Point
There is no more time to delay. We are at a tipping point concerning our ability to secure our networks and prevent these attacks from becoming the next in a growing line of global events. It’s going to take the cooperation of governments and large corporations. But it can’t stop there. Every organization – small businesses, sole proprietorships, and freelancers – must do their part, as must each individual. We have a number of resources on our blog and in our resource library that can help you be more prepared.
You need to start now.
At thinkCSC, we believe that in order to achieve maximum success, regardless of the size or type of your organization, you must make IT an integral part of your overall business strategy. To do this, partner with IT professionals who not only understand how to leverage technology to their advantage, but who are also committed to understanding your business goals and aligning your IT strategy to those goals. We pride ourselves on having the best business-savvy technical experts in the industry. If you’re a growing mid-size business at a crossroads with your IT, let’s talk about the steps you need to take now to solve this pandemic-level problem.