The State of Ransomware: A Bigger Fear Than COVID-19

What do security professionals fear more this holiday season – ransomware or COVID-19? Believe it or not, they’re more concerned with the former.

That’s according to a flash survey of nearly 50 senior cybersecurity professionals taken at Optiv Security’s November OptivCon Virtual event. When asked, “What do you think is the greater threat to your business this holiday season: Ransomware or COVID-19?,” 60% of respondents said ransomware.

These survey results reveal just how big of a problem the ransomware epidemic is: We’re in the midst of a global health pandemic that has taken trillions of dollars out of the global economy, yet many security professionals are more fearful of ransomware. Why? In many cases, it’s because they don’t have an effective ransomware incident response (IR) plan in place – and therefore, they don’t know what to do when a ransomware attack occurs.

Another Communications Breakdown

While the solution to the ransomware problem might seem simple (prepare for it and put a plan in place!), there’s an underlying reason why so many companies are caught unprepared when the crisis strikes – and it’s rooted in the classic disconnect between cybersecurity and the boardroom.

Company leaders don’t understand that ransomware is a corporate crisis – not a cybersecurity problem. They think it’s the CISO’s job to block ransomware attacks, rather than leadership’s job to be prepared to respond to a successful attack. Unfortunately, this narrow view of the ransomware problem dramatically increases the potential harm that can result from the attacks.

The Ransomware Playbook

Similar to the IR plans and playbooks developed for data breaches, successfully dealing with ransomware also requires a strategic IR plan that methodically details the procedures for rapid response to and containment of incidents. The overall goal is to limit the risk of impact to the business.

At a minimum, an IR plan should include:

  • Working backups,
  • Detection and prevention controls,
  • Data classification and valuation of data,
  • Communication trees and templates, and
  • Rules of engagement with ransomware dealers.

On this last point, in the event of a successful ransomware attack, organizations have three choices: 1) they can attempt to recover from the compromise; 2) they can pay the ransom or attempt to negotiate; or 3) they can do nothing at all. The FBI’s stance is to NOT pay or negotiate with cybercriminals. While this is certainly a best practice and the outcome you hope for, it might not always be possible – for example, hospitals with patients’ lives on the line or companies that will go out business if they don’t pay up may have no choice but to pay. This decision is up to each individual company – and it should be part of a coordinated response led by the C-suite and board, executing according to a pre-established IR plan.

It’s also important to note that having an IR plan is not enough – it also must be tested and reviewed on a continuous basis, and important procedures must be practiced frequently. Professional basketball players, for example, will practice hundreds of free-throws even though those shots are worth only a single point. Companies should spend the same amount of rigor on issues as important as responding to a ransomware attack that could cost their company millions of dollars.

The Evolution of Ransomware

Ransomware attacks, as they are executed today, are stressful enough for companies .... and it’s about to get worse. In 2021, we expect ransomware to become increasingly sophisticated and even more dangerous. Specifically, we believe:

1) Ransomware attacks will start to compromise our critical infrastructure, potentially holding entire regions of the country hostage.

2) Deepfake videos will move beyond a way to spread misinformation and morph into a new form of ransomware (i.e., extorting companies for money with the threat of releasing a damaging deepfake video).

3) As internet-enabled technology becomes more embedded in physical systems and medical devices, the loss of human life due to ransomware attacks will become a real consequence.

Having a coordinated business and cybersecurity IR plan is one of the most effective ways to overcome the fear of ransomware and minimize the business impact of these attacks. And, with ransomware attacks expected to become more complex and dangerous in the coming months, IR plans will become mandatory for an organization’s response capability and survivability.

If you don’t know where to start, learn from the experiences of companies that have previously been targeted by ransomware campaigns and seek the advice of cybersecurity experts. Don’t wait to act until it’s too late and your company is in full-fledged crisis mode. Put a plan in place today that will shore up your defenses against ransomware, and reduce the potential damage of successful attacks.

Featured

  • AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

    The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now

  • Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

    Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now

  • Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

    KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.