I have been wondering for a while now where the tipping point will be? What will be the final wake-up call that there is a cybersecurity crisis? When will governments get involved? Well, it is here; these questions are about to have an answer. This past week the US government declared that it would use similar protocols for ransomware attacks as it does for terrorist attacks. Why does this matter? This is fundamentally a massive shift in the approach and should help pull much-needed resources and international support toward this urgent and complex threat.
Ransomware attacks have been steadily growing and over the last year, hitting more and more essential industries like infrastructure, transportation, hospitals, police, and government agencies. Which has changed the urgency, bringing a greater sense of awareness and concern to how ransomware potentially impacts our day-to-day lives. We all feel the disruption when these essential industries are attacked, increasing the likelihood that companies will pay to alleviate it. Cybersecurity and cyberattacks overall are uncharted territory for governments. There are a multitude of questions, challenges, and approaches that will require formal laws and clarity. So, I see this progress from the US government as a crucial step in the right direction.
With the recent attack on the Colonial Pipeline, we saw a memorandum from the White House. But, frankly, not the enormous worldwide outcry I believe the event deserved. I recommend reading my colleague Alex Restrepo's article on the Colonial Pipeline for more details. This week we witnessed more shocking attacks: Fujifilm in Japan, which produces devices instrumental in processing COVID-19 tests, and JBS, the world's top meat producer. The White House addressed the JBS attack directly during a press conference on Tuesday, June 1. In a memo sent out on June 3, the National Security Council's top cyber official, Anne Neuberger, writes to corporate executives and business leaders that the private sector needs to better understand its critical role. "All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location," Neuberger writes. "We urge you to take ransomware crime seriously and ensure your corporate cyber defense match the threat."
Alas, cybersecurity hygiene is the hot topic of the week. Rightfully so! It is a complex challenge that will require all hands on deck to combat; from employees and corporations, to governments and political unions. At Veritas, we urge you to take the threat seriously and prioritize an aggressive, multilayered cybersecurity strategy, cybersecurity hygiene, and always be prepared!
Here are some tips for impeccable cybersecurity hygiene to implement immediately:
No company is safe. A multilayered cybersecurity plan along with impeccable cybersecurity hygiene is essential. We urge you to take the threat seriously. As Anne Neuberger writes in the official White House memo, "The private sector also has a critical responsibility to protect against these threats. All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location."
Learn more about how Veritas can help here and read more about testing and other best practices in, The Path to Greater Resiliency: How to Recover from a Ransomware Attack.