As we talk about in our security awareness training sessions, one of the biggest changes in the past decade of IT is that your data has value, and one of the ways it has value is that if a malicious actor were to gain access to it and encrypt it, thereby preventing your access to it, you would have to pay a ransom to regain access. This is commonly referred to as a Ransomware attack, and for several years, this has been the biggest security concern for many. However, it’s now but one of many costly risks.
Starting a couple of years ago, the bad guys started to realized there are other ways in which they could extort their targets. For example, if they had enough access to encrypt data, why don’t they steal the data first, for which they could then extort a second ransom. Known as Data Exfiltration, the risk of having proprietary or sensitive data stolen added to the damages of an attack.
However, the latest trends highlighted in the Acronis Cyberthreats Report Mid-year 2021 is the Quadruple Extortion Tactic seen in most events in the first half of the year. These include:
- Encrypt the data (ransomware)
- Release the data (data exfiltration)
- Denial of Service attacks (coordinated attacks on a victim’s internet connections, blocking their ability to conduct business)
- Harassment of customers, partners, employees, and contacting the media to embarrass the victim (reputational risk)
Small and Medium Businesses (SMBs – commonly thought of as 250-employees or less) are at the greatest risk. They’ve seen a 33% increase in ransomware payments in the 1st half of 2021, and there’s been a 70% increase in the number of victims whose data was released when stolen.
The challenge is that in order to prevent these attacks, a small business has to be right every time. A malicious actor only has to be right once.
Therefore, the best defense is to develop a Security Mindset. Embrace strong password hygiene and management practices, enable Multi-Factor Authentication on everything, and accept mild inconveniences when security updates, such as those associated with PrintNightmare, occur because the pains of a minor printing inconvenience are minuscule compared to the pains of a modern cybersecurity incident.