TECH4GOOD
The dreaded ransomware malware showed its deadly fangs again last month when a high-profile government insurance agency was attacked. I do not have a good handle on the circumstances, how the attack happened, and the extent of the damage done to the agency. All I know is the potential danger of having the agency's millions of members' personal identifiable information (PII) and medical records exposed to the dark web and made public. I am praying the data has not been compromised as the possibilities are unimaginable and scary.
According to a recent Kaspersky article, ransomware attacks target organizations, big and small, every 11 seconds, causing $20 billion in annual damages globally. The damages caused may be in the form of ransom money paid, organizational productivity losses, reputational hit, or a combination of the three.
“As always, leaked information in the hands of cyber criminals allows them to impersonate or deploy social engineering scams. With exposed data, hackers can get to you whether online or offline — they can send you messages, they know where you live, they can steal your identity and make unlawful financial transactions pretending to be you or hold on to your data to sell it for further financial gain,” says Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky, a leading global cybersecurity and digital privacy company.
One of the most damaging malware today is ransomware which is a threat to both organizations and individuals alike. It typically spreads through phishing emails, malicious attachments, or infected websites. It is a type of malware that encrypts a victim’s files preventing or limiting users’ access to their system. The ransomware then displays a message demanding a ransom payment in exchange for the decryption key. In the case of the recent government agency attack, they actually got hit by the Medusa Ransomware variant. In some cases, victims have paid ransoms amounting to millions of dollars to recover their data. However, there is no guarantee that paying the ransom will actually lead to the decryption of the files.
In recent years, there have been a number of high-profile ransomware attacks, including the WannaCry attack in 2017 and the Colonial Pipeline attack in 2021. Most of these attacks are all about money. According to the same Kaspersky article, their researchers reported that the going rate on the dark web for personal details is $10 each, selfies (photos) with documents fetch for as high as $40 to $60 each, and medical records are sold and bought for as much as $30 each.
What makes organizations vulnerable to malware?
The problem usually starts with the leadership team thinking that matters like cybersecurity is better left to its IT group. In this super-connected digital world, cybersecurity has become the accountability of the CEO. It is beyond IT because it is not just about protecting computers and networks. It is about protecting people, data, the reputation of the organization and its leaders, and its very existence. And because cybersecurity is a shared responsibility between all members of an organization, from the CEO to the front-line employees, it has to be a strategy.
Cybersecurity has to be a strategy because it is a critical and proactive approach to protecting an organization’s assets from cyber threats. A cybersecurity strategy should be aligned with the organization's overall business strategy and should be regularly reviewed and updated to reflect changes in the threat landscape.
There are several ways of looking at the significance of cybersecurity. First, it is a business issue. Breaches can damage the reputation of the organization, cause regulatory liabilities, and lead to financial losses, and operational disruptions.
It is also a people issue as employees are often the weakest link in the cyber threat link. They can be fooled into checking phishing emails, opening malicious attachments, or sharing sensitive information with dark web players. Leaders should look at cybersecurity education and training as essentials for reducing the human factor in breaches.
Finally, cybersecurity is a data issue. Every organization today collects and stores large amounts of data, including customer information, financial data, operational data, and intellectual property. This data runs the organization and has become a target for ransomware criminals to hostage victims into paying ransom. Every organization needs to have strong data security measures in place to protect their data from unauthorized access, disclosure, manipulation, or destruction.
A cybersecurity strategy, therefore, is essential for any organization that wants to protect its assets from cyber threats. It can help identify and mitigate cybersecurity risks, reduce the impact of breaches by providing a plan for responding to every incident and recovering from them, ensure that the organization is in compliance with cybersecurity and privacy regulations, and enhance the organization's reputation as a secure and reliable organization. ([email protected])
(The author is an executive member of the National Innovation Council, lead convenor of the Alliance for Technology Innovators for the Nation (ATIN), vice president of the Analytics and AI Association of the Philippines, and Vice President, UP System Information Technology Foundation.)