How your board can minimise the risks of ransomware attacks
Wendy Barnes, joint head of the Transpire Cyber Security Faculty and associate of Templar Executives, outlines why ransomware is on the rise and how your board of directors can protect its organisation from an attack.
Ransomware has become the most talked about aspect of cyber security, with experts estimating that attacks will occur every 11 seconds in 2021.
And they are costly. The average ransomware attack causes about 15 days of downtime, costing around $1.85m (£1.36m) to recover from an attack.
As board members, it’s important to stay proactive about ransomware to guard your business against attack.
So, how can your board of directors be prepared? Start by understanding the basics of ransomware and be sure that your organisation has a policy in place. Not only should it outline how to prevent an attack, it should also include an action plan to respond, should the worst happen.
What is ransomware?
Ransomware is malicious software used by cyber criminals with one aim in mind – to extort money from its victims. It’s one of the most prolific criminal activities in existence today.
This has been driven by people and businesses having to (or deciding to) pay the multimillion-dollar ransoms that criminals demand rather than face the devastating impact of an attack.
The biggest single ransomware attack ever recorded was by Russia-linked hacker organisation REvil. It affected hundreds of businesses in the United States during the Independence Day long weekend in July 2021.
How ransomware is spread
Ransomware is usually spread through:
- Phishing emails that contain malicious attachments
- A user visiting an infected website and unwittingly downloading and installing malware
- Non-secure Wi-Fi
- Mobile device features such as emergency notifications and relaxed permissions
The rise of ransomware attacks
2021 has seen a steady rise in the number of cyber attacks and the size of ransoms demanded, with cybercrime and attacks reported to be up 600% due to the pandemic according to the UN.
The focus has shifted from individuals and businesses to managed service providers (MSPs), who provide technology services to several clients. This means that if a cybercriminal gets access to one MSP they can reach several organisations that use that MSP at the same time.
During the pandemic, cybercriminals have also been taking advantage of industries that have been hit the hardest, such as healthcare, public services and educational facilities.
These criminals also see the pandemic as an opportunity to target employees who are now working remotely on their personal devices. IBM warns that remote work has increased the average cost of a data breach by $137,000.
How your board can help prevent cyber attacks
As a board member, you can start by being curious about ransomware.
1. Ask the right questions
Ask yourself and your board these questions:
- What are our critical information assets (those that would stop the business operating if they were attacked)?
- Are we continuously reassessing the vulnerability of these assets to cyber attacks, including against ongoing ransomware attacks?
- What protections are in place to protect these critical information assets?
- What is our plan to respond to cyber attacks, including ransomware attacks, and is this plan tested and exercised on a regular basis?
2. Do some wider research
There are many other questions the board could ask. The National Cyber Security Centre (NCSC) Board Toolkit is an excellent resource to guide you and its information on mitigating malware and ransomware attacks is also worth exploring.
Sadly, ransomware is here to stay and it will continue to evolve as a way for cybercriminals to extort money.
The best approach any board can take is to act proactively in three main ways. First, mitigate the risk; second, defend against an attack; and third, be prepared to respond and recover, from the top down and across the organisation.