What is Ransomware:
Ransomware is malicious software with a singular goal: to extort money from its victims by holding their data hostage. Ransomware is a type of malware that uses a virus to encrypt all of the files on your computer or your organization’s servers/network. Ransomware holds all of your sensitive and confidential files hostage until you pay a fee. If you do not pay the fee, the attackers will threaten to either permanently disable your system or publish your data online.
Logistics as a Target:
Logistics firms are becoming a frequent target of these attacks. Cybercriminals have learned to take advantage of the fact that logistics firms are vulnerable to ransomware, as they cannot afford the exponential effects caused by a break in the supply chain. Cybercriminals view the logistics sector as fragile because of the mission-critical software that runs its day-to-day operations. Ransomware attacks have targeted several logistics companies in the last few months alone. Australian logistics giant Toll Group, a freight and delivery service company operating across more than 1,200 locations in 50 countries, was a target in January of 2020 and had to shut down more than 1,000 servers. In December of 2019, ransomware shut down Truckstop.com, affecting multiple services including the app-based load board, factoring, carrier onboarding, RFP tool, real-time freight monitoring, SaferWatch, and ShipperMate. Ransomware also shut down Louisiana’s DOT, affecting carriers’ ability to obtain permits. In December 2019, the Coast Guard reported that a cargo terminal was forced to shut down operations for more than 30 hours when attackers took over its systems.
What is at Stake:
Reported ransomware attacks rose to 205,280 in 2019, a 41% increase. The average ransom paid jumped to $190,946 in the last quarter of 2019. With many companies not reporting such attacks, these numbers are thought to be much higher. Ransomware attacks cost businesses more than $75 billion per year, but the costs do not end with the ransom payment. Companies attacked by ransomware have to deal with the loss of customer trust, the cost of downtime, and the impact on their reputation. The scary part is that 75% of companies infected with ransomware were running up-to-date endpoint protection. Many of the cybercriminals launching these attacks come from countries such as North Korea and Russia, where they are unlikely to be charged, and they demand ransom payments in Bitcoin to avoid being tracked.
How do the Criminals get into the system?
All it takes is just 1 of your organization's employees clicking something in an email to shut down your entire operation. These "viruses" most commonly enter an organization through email phishing scams, where the sender uses social engineering to pose as a colleague or a well-known bank or company (e.g. MSFT, UPS), and may even pose as the CEO of your company. Once in your system, the criminals sometimes wait for weeks to attack while looking for vulnerabilities to exploit.
How to avoid an attack:
Back up everything to the cloud, including your CRM, spreadsheets, documents, accounting invoices, etc. Make frequent, comprehensive backups of all important files and isolate them from local and open networks. Seventy-four percent of cybersecurity professionals view data backup and recovery as the most effective solution to successfully respond to a ransomware attack. Train your entire company on email phishing scams, and instruct employees not to open email attachments unless they are sure who the email came from. Make this training mandatory and ongoing for your entire organization. For training purposes, consider sending simulated phishing emails to employees to see whether they open the attachment. Use anti-virus and anti-malware software or other security policies to block known payloads from launching.
Have your IT department make system backup a top priority. Have the IT department review all servers regularly. Keep offline backups of data stored in locations not connected to your regular system, such as external storage drives or the cloud. Install the latest security updates issued by your operating system and software vendors. Remember to patch early and patch often to close known vulnerabilities in operating systems, browsers, and web plugins. Consider deploying security software to protect endpoints, email servers, and network systems from infection. Segment your networks to keep critical computers isolated and to prevent the spread of malware in case of an attack. Turn off unneeded network shares, and remove admin rights from users who don’t need them. Finally, restrict write permissions on file servers as much as possible. With careful planning, you can mitigate the damages of a ransomware attack.