When will the threat of a cyberattack be enough to spark real organizational resilience?
Recent ransomware attacks serve as another reminder of the impact cyberattacks can have on organizations, governments and society
Ransomware attacks are on the rise, with increasing persistence and sophistication by threat actors who are adept in evasion techniques. On Friday 7 May, a ransomware attack was reported by the largest gasoline pipeline in the United States. And they paid nearly $5 million in bitcoin for the encryption key. While the pipeline is fully operational now, many US gas stations were still without fuel two weeks later. On 14 May, ransomware took down Ireland's health service's IT systems, which left most of the country's hospitals without computers for over a week. That means medics had limited or no access to patients' records, among other critical impacts. The most recent attack on global food producer JBS shut down operations around the world.
These attacks on industrial, utilities, and life sciences and healthcare companies continue to grow in frequency and impact, leading industry experts to warn that failing to address key cybersecurity concerns may have even more devastating consequences in future attacks, to both economies and to critical infrastructure.
Every organization is vulnerable to ransomware attacks. Ransoms are paid because the cost is less than rebuilding the IT infrastructure based on the most recent backups. Organizations should be continually monitoring their processes that have access to sensitive data. Access control and data encryption management is the key to securing an organization – not only from ransomware, but from insider threats, rogue processes, malware and more. It's vital that the CEO and the board are fully equipped with the knowledge to deal with the prospect of a ransomware attack hitting their organization and are doing as much as possible to ensure this doesn't happen.
When there’s accessibility to valuable data, attacks will occur
Next-generation disruptive technologies from ransomware attackers are making it increasingly difficult to reduce the attack surface.
1Source: Gartner, Market Share: Security Consulting Services Worldwide, 2020, Elizabeth Kim, April 2021
2Source: IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment by Martha Vazquez, September 2020, IDC #US46235320e
3Source: ALM Intelligence; Cybersecurity Consulting 2019; ALM Intelligence estimates © 2019 ALM Media Properties, LLC. Reproduced under license
Authors and contacts
Emily Mossburg | Global Cyber Leader
+1 571 766 7048
James Nunn-Price | Asia Pacific Cyber Leader
+61 293 227 971
Simon Owen | North and South Europe Cyber Leader
+44 20 7303 5133
Amir Belkhelladi | Canada Cyber Leader
+1 514 393 7035
Deborah Golden | United States Cyber Leader
+1 571 882 5106
Peter Wirnsperger | Central Europe Cyber Leader
+49 403 208 04675
Nicola Esposito | Global Cyber Detect and Respond Leader
+134 918 232 431
By integrating data into your risk assessment models, you can create a common vernacular to empower your organization to devise risk-intelligent responses to cyber threats.
Trust can only be embedded into the health credential system if its rollout is firmly rooted in ethical imperatives.