In December 2020, U.S. officials scrambled to shore up national cybersecurity after Russian government hackers breached the Treasury, State, and Commerce departments. The extent and fallout of these cyberattacks are still coming to light. While these were certainly the most high-profile recent cyberattacks, they were not alone. Cyberattacks, including those with the aims of ransom and extortion, are on the rise around the globe, and even small companies make tempting targets.
Cyberattacks can be devastating. In October, as the coronavirus pandemic raged, cybercriminals unleashed a wave of ransomware attacks on the U.S. healthcare system, holding its files and data hostage. At least five hospitals, including those in Atlanta and New England, were hobbled by these attacks. More than 5,000 computers in the University of Vermont Medical Center were infected with malware that encrypted data on 1,300 servers. The medical center lost roughly $1.5 million per day due to the attack. Around 300 employees were reassigned or furloughed when the medical center was forced to take down its IT systems.
Attacks using extortion and ransomware are growing. The rise in remote work gives cybercriminals an even more target-rich environment in which to operate. Cybercriminals aren’t just targeting governmental agencies or multinational corporations. They are looking for companies, big and small, that are underprepared for an attack. Now more than ever, organizations of all sizes should be working to mitigate the risks of cyberattacks.
These risks can often go unnoticed. Every day, end users unknowingly open themselves and their employers to the risk of cyberattacks. There’s good news, though. Most organizations can significantly reduce these risks by raising awareness and taking specific actions. Leveraging the cloud is one of the most important actions that you can take. The cloud helps manage risks and gives you multiple layers of protection against the rising threat of cyberattack.
What Are the Threats?
When we picture a hacker, we sometimes imagine a guy in a hoodie hunched over a laptop in a cyber cafe trying to steal your identity. This stereotype bears little resemblance to today’s reality: Cyberattacks come from multinational organizations with hundreds of collaborators constantly probing for a company’s weaknesses.
These hackers know what to look for—companies that neglect to regularly install security patches to vulnerable systems or that are falling behind in security training. Whether it’s a lack of savvy or awareness, hackers know that any system, no matter its size, is only as secure as its weakest point.
Data Theft as Bank Heist
There are three main tools cybercriminals can use to breach your systems. The first is the data equivalent of bank robbery—exfiltration. This occurs when someone hacks into your system and moves data to an outside server. In December, the Canadian VOIP company Sangoma Technologies Corp. was hit by hackers who breached their security and moved sensitive data to the hackers’ own storage site. On Dec. 24, the company’s accounting, financial, acquisitions and employee data was published. More than 26 gigabytes of data was put on the open web, along with company legal documents. It’s likely the data was published after Sangoma refused to pay the hackers’ ransom demands.
The Inside Job
The second major tool in the hacker’s arsenal is called lateral movement. A person enters your secure system with a legitimate set of credentials. Once they’re inside, they can exploit a security flaw to elevate those credentials, giving themselves more access and control. With elevated credentials, the cybercriminals can steal whatever data they want or even hold the company and its clients hostage.
Last October, a Finnish company was hacked with disastrous consequences. Vastaamo, a private company that provides therapy and psychotherapy services of Finland’s public health system, was targeted by hackers who stole the sensitive information of up to 10,000 psychotherapy clients. The hackers demanded ransom from Vastaamo. When the company refused to pay, the hackers then turned to extorting the company’s patients, demanding Bitcoin payments. If the hackers weren’t paid, they told the patients, their confidential conversations with therapists would be published.
The Confidence Man
Exfiltration and lateral movement require a degree of technological savvy. The third method hackers use, however, relies on human nature. Phishing attacks predate networks or computers. They are the con men of cyberattacks. Through phone or email or even in person, the hacker targets individual users, talking them out of sensitive information or persuading them to open a file or visit an unsafe website.
Last July, a wave of tweets from prominent business and political leaders such as then-presidential candidate Joe Biden, former President Barack Obama, and former New York City Mayor Michael Bloomberg seemed too good to be true. These tweets followed a common theme: “I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000.” Hackers had called Twitter and duped representatives into accessing a phishing site that stole their credentials. Using these special credentials, the hackers took control of accounts with millions of followers.
Cyberattacks Versus the Cloud
Each type of cyberattack can lead to devastating consequences. If you are underprepared, your organization is at risk. There is one way to significantly reduce your risk profile: turning to the cloud.
The cloud allows IT teams to better monitor and react to cyberthreats. Companies using the cloud can see threats before they materialize. In cloud-based systems, IT teams are more aware of large batches of data being moved, preventing exfiltration attacks. They also have more control over credential security to ensure that lateral movement threats are neutralized before they can level up.
If you are attacked by ransomware and your data is held hostage, the cloud helps you defeat these threats simply and quickly. Rather than paying hackers to unlock your data, you have immediate access to the previous version of cloud-backed files. You can be back up and running with mitigated loss of time and resources.
Ensuring Cloud Success
For these reasons, more and more companies are moving to the cloud. As they do, it’s important to ensure that their data migration is secure. To maintain this security, your cloud provider should encrypt all data in transit, follow compliance regulations, and avoid storing data whenever possible.
Data sovereignty is key. Many companies have specific security considerations, especially those handling governmental or medical data. Where data sovereignty regulations apply, it’s important that your data stays within the required regions or countries during migration so that compliance is maintained.
After the migration, user training is critical. For any employees or end users that operate within your systems, security awareness training must be provided. End users must be made aware of security protocols and processes—and why these must be followed.
Cybercrime threats are on the rise, as evidenced by attacks on governments and companies of all sizes. With the rise of the remote workforce and the growing sophistication of criminal organizations, threats to your organization will only become more urgent. This is why security must be a top priority.
Constant monitoring and patching can help avoid breaches, theft, and ransomware attacks. Tools such as the cloud are another important piece of protection. By staying up-to-date and vigilant, you can rest easy knowing your company will be able to mitigate the risks of a cyberattack.