Myth: Ransomware only targets large companies.
“Organizations of all sizes can be the target of ransomware, and ransomware is frequently aimed at small and medium-sized organizations.”
Cybercriminals are no longer targeting only major companies with deep pockets — they are also going after small and medium-sized businesses. Nearly half (43%) of cyberattacks are aimed at small businesses, yet only 14% of these businesses are prepared to defend themselves. As criminals develop more awareness around security flaws, they are becoming increasingly sophisticated in their attacks, and without the
proper infrastructure in place, organizations are left vulnerable.
Concerning Threats in 2021
Ransomware is a major threat for companies of all sizes. Last year 63% of CrowdStrike’s cases were ransomware claims, a considerable increase from a typical year. The company is also seeing various attacks using email as an entry point. In these attacks, the hacker will send an email to employees with fake information to lure the user into clicking a link. Once the link is clicked, the bad actor can deploy ransomware into their system in an effort for monetary gain.
Hackers have devised new and innovative ways to gain access to networks, detect open remote desktop protocol (RDP) ports, and uncover opportunities to launch attacks. Many companies have adopted cloud applications to support remote work, and these cybercriminals are targeting this infrastructure as well.
The following threats were noted by CrowdStrike as a main concern for 2021.
1. Ransomware attacks
Ransomware is a type of malware that denies a company’s access into its systems and demands payment for access to be regained. Payment is typically demanded by hackers through cryptocurrency, a credit card payment or untraceable gift cards. Although many companies are forced to pay the ransom in the hopes to minimize businesses losses, paying the ransom does not guarantee that they will regain access. In fact, paying up may even make that company a target of future attacks, as cybercriminals often share details on the dark web about companies that pay ransoms
2. COVID-19-related threats
The recent COVID-19 crisis brought on a “cyber pandemic,” as criminals discovered new ways to take advantage of vulnerabilities and gain access to systems. From ransomware to data breaches to unemployment fraud, COVID-19 has accelerated existing challenges and unleashed an entirely new set of obstacles in the insurance space.
3. Accessing open RDP ports
Hackers are developing new ways to get access to networks by detecting open RDP ports. RDP ports enable employees working away from their physical office to access computers and stay connected through remote work. This connection method has become more commonplace and is essential for many businesses, but open RDP ports can leave vulnerable pathways that allow hackers to cause irreversible system damage.
Strategies to protect against threats
Cyber threats have existed and escalated over the past few years. Many organizations “duct-taped” solutions together in an effort to keep up, but they are seeing the fall out of those improvised remedies.
Practices recommended to protect against threats include the following:
- Build a stronger backup strategy
- Use multifactor authentication.
- Implement a stronger endpoint solution
- Implement a stronger endpoint solution
- Invest in education.
- Ask for help when needed.
Be Cyber Ready
With threats moving at a faster and even automated pace, speed will be critical for organizations attempting to stay ahead of criminals. Companies need to develop strategies, and then frequently and rigorously test those strategies, so that they will be ready when cybercriminals target their organization. To learn more about cyber liability insurance and service please call.