Dresner Group Blog
Why are Ransomware Attacks on the Rise in Maryland?
The pandemic has forced most Maryland businesses to re-evaluate how they can be productive when things are turned on their head. Many businesses have found success in embracing modern technology to keep collaboration and production going. Unfortunately, with the success technology brings, there is also increased exposure to compromise, as ransomware attacks are rising.
Maryland Businesses Face Increased Ransomware Attacks
As with most issues affecting Maryland businesses these days, the underlying root of the problem can be traced back to a reaction to the coronavirus crisis. Traditionally, all a cyberhacker would want to do is grab the data and disappear. Their goal was to sell the information they'd stolen on the dark web or to some other entity as quickly and quietly as possible.
It's no coincidence that the first time a business realized they were hacked was after a dark web scan or by accident when a researcher found a bank's data freely available online. Any good hacker's goal was to do the job and get out unseen, but that was in a post-coronavirus world. The pandemic has changed this dynamic, and instead of the usual 'smashing and grabbing' of data, hackers are now staying in touch and demanding a ransom. Now more than ever, ransomware can floor your business.
Why? Because the data itself is of little value with whole swaths of people out of work, unemployed, or with their businesses closed down. What good is a compromised credit card number when so many people have already maxed out their credit due to trying to survive the pandemic? Who wants to steal the identity of someone who has been out of work for six months? There is more profit to be made for hackers by extorting businesses that are desperate to keep their doors open.
Why is Ransomware Coming to the Forefront?
Due to the pandemic, many (if not most) businesses have increased their reliance on technology to maintain their business during the crisis. For some industries, there are no face-to-face communications at all; instead, communication is done electronically. Additionally, companies have begun reducing and, in some cases, eliminating the need for paper documents. For many businesses, this is not a bad development, as it leads to their data being more secure (if done correctly) while reducing the need for finding space to store file cabinets of papers.
For example, hospitals who retain patient data on paper documentation are at risk of losing valuable information due to misadventure, as well as finding themselves on the wrong side of HIPAA compliance. One solution for this issue is to convert paper documents into electronic records. EHR and EMR are critical systems for pushing healthcare forward. Ironically, hospitals have become one of the three most targeted businesses for ransomware attacks, due to their reliance on technology. Now and going forward, it should be obvious that ransomware presents a big risk to Maryland businesses.
Imagine what turmoil would occur if these businesses suddenly lost the ability to access their information. Locked out of their computers, databases, and even phone systems—all during a pandemic, at a time when they are struggling to keep their doors open. It’s not a good situation. Now more than ever, your business needs to be concerned about ransomware.
How Hackers are Infecting Systems with Ransomware
More often than not, a ransomware attack is possible because someone on your team made a mistake. They used an easy to discover password, fell for a phishing attempt, or used the same password on multiple accounts. In fact, according to a recent warning to Healthcare and Public Health Sectors about increasingly aggressive attacks by cyberhackers, the leading cause of infection was due to team members falling victim to phishing attempts.
As phishing emails appear as average, legitimate business correspondence, it can often be challenging to recognize their danger. You must train your team to spot phishing attacks and educate them to avoid them in the first place.
As your team focuses on the pandemic's challenges, they may not be following best practices when it comes to security. Many of them are trading security in exchange for convenience or what may seem like efficiency. Your staff is the first defense against cyberhackers, but only if they follow best practices. Bad actors understand that, when people are under stress, they are more likely to make a mistake.
What can be more stressful to your team or business than trying to operate as close to normal during a pandemic?
Pay Attention to Social Engineering Attacks
Chances are, your customers are looking for assistance and solutions for their problems, problems your team would like to help them solve. Social engineering tactics are designed to capitalize on your team's desire to help. They create a situation where your team member may break protocol to help solve a “problem”. Unfortunately, this “problem” may be a phishing attempt designed to gain access to your business' network with malware. Once the malware has gained traction in your system, the ransom requests will follow.
No Backup Means No Ability to Fight Back
The only defense against a ransomware attack is a safe and reliable backup of your data. A backup allows you the confidence to “wipe” your systems and expunge any malware on your network. Hackers don’t like taking risks, and they know from experience that a ransomware attack will be successful most of the time due to weak security. They know few businesses, regardless of size, will have adequate cybersecurity protocols in place. They also know that when you back up your data, you protect your business.
The solution to this issue is having your data backed up and recoverable. Once you have a backup plan in place, there will be very few disasters, natural or man-made, that can disrupt your productivity to the point in which you may need to consider having to close your business. Simply put, without a thing to ransom, the cyberhackers have nothing to hold over you. Your backup of the data prevents them from holding your data hostage.
Reach Out to Maryland’s IT Specialists
This crisis has crystallized the need for business continuity.The pandemic has put many Maryland businesses on a knife’s edge, perhaps even yours. If you’re not worrying about a ransomware attack, you’re worried about your remote workers, if not them, then your PCI compliance as you take more online orders. You don’t have to go it alone.
Now is the time to consider investing in a comprehensive IT plan. Comprehensive IT provides your business with a wealth of services geared toward giving your business the technology support you need to be successful. For more information or to schedule an appointment, call Dresner Group at 410-531-6727 today.