CEO Corner June 2021

CEO Corner: Ransomware Atacks are Here to Stay-and There's Nothing Fun (nor FUD) About Them

For decades, the phrase ‘fear, uncertainty, and doubt’ (often shortened to FUD) has been a propaganda tactic used in sales, marketing, public relations, and politics – as a strategy to influence perception by spreading negative or false information appealing to a particular audience’s fears.

For years we have been warning businesses in the healthcare, dental, legal and construction fields about the real-world threat ransomware poses to their reputation and bottom-line…and that no enterprise big or small was immune.

While many took our advice and fortified their IT infrastructure accordingly…others I am certain wrote it off as…FUD.

Well, here’s a FACT: In just the past couple of years, ransomware hacks have evolved into more frequent, sophisticated, and targeted cyber-terror attacks – and our country is now in the midst of a full-scale cybersecurity crisis that has become an extremely lucrative criminal enterprise.

Brazil-based JBS, the world’s largest meat processor, just fell victim to a concerted hack – in turn shutting down about 1/5th of all U.S. beef production. Last month U.S. oil production was severely impaired by a ransomware attack against Colonial Pipeline. In that case, Colonial paid a $4.4 million ransom to the Russia-based criminal group to unlock its systems and data.

These two hacks are just the latest in a rash of ransomware attacks, which include the targeting of a water treatment plant in Florida, and the Texas-based SolarWinds IT company. They also offer a dramatic warning about how quickly criminal hackers could send an entire economic sector into a tailspin.

It gets worse…this is just the tip of the iceberg. Whether you’ve got 10 employees or 10,000, your risk of getting blind-sided has never been greater – particularly in the U.S. healthcare sector, which by last fall had seen a 71% increase in ransomware attacks

Last November, the FBI, HHS and the Cyber Security and Infrastructure Security Agency under the Department of Homeland Security issued a warning for hospitals and healthcare providers to stay guarded against ransomware. The advisory stated six U.S. hospitals were attacked from October 26-27 – and a list of more than 400 targeted hospitals was circulating among the Russian hackers, who claimed to have infected more than 30 of them already. The hackers use TrickBot and BazarLoader malware – distributed through phishing email campaigns that contains a link to a Google Drive, which they control. The emails may contain the recipient or employer’s name in the subject line or email body.