In the latest WFG INSIGHTS, Bruce Phillips, SVP and Chief Information Security Officer of WEST, a Williston Financial Group company, gives host Brian Bushlach a dire overview of ransomware’s current devastating threat and explains how education and a cybersecurity helpdesk can help prevent a company from inviting a breach leading to multi-million dollar extortion demands and compromised consumer information.
Criminals are not targeting individuals any longer. “Any company, regardless of the business sector, is now a potential target,” Phillips said. “If you’re a software provider, a bank, a title company, an oil producer or a manufacturer, you’re a target.”
Statistics about the growth of cybercrime are changing so fast that they would be outdated within a week, Phillips explained. In addition to the highly visible Cloudstar ransomware attack, Phillips spoke of one of the largest current examples now taking place in Europe, which Americans are less aware of, with a demand price of $70 million.
Criminals are doing a lot more research. “They’re getting into your systems and they’re staying there for a long time. They’re finding your crown jewels, and before they encrypt the data, they’re stealing that information,” said Phillips. That is how it’s moving more into extortion.
“At the core of most of what we’re seeing is not a technology attack but ‘phishing,’ social engineering to fool people into clicking a link. Once you click the link, that might turn into a technology attack – such as ransomware,” Phillips added.
Then they follow the normal path for ransomware, which is encrypting all your data, and then taking away your access to that data and telling you they have your data, it’s encrypted, and they want money to let you gain access. And if you don’t pay, they’re going to sell the data to someone, give it to your rival, or just put it on the Internet, explained Phillips.
Criminals now research their targets to find the value of the company’s cyber insurance coverage. “So if you have a $5 million cyber policy, they’re going to ask for $5 million,” Phillips said. “It’s going to be whatever they think they can get out of you. But, the other thing is they’ve stolen your data. And what they’re going to do with that data you don’t know. Now it has to be treated as a breach.”
The bottom line, Phillips warned, is, if you are on the Internet – if you have a presence on the Internet – you’re a target. And while the ransoms demanded in ransomware attacks are huge, the follow-on damage through the breach and compromised consumer data is “as big, if not bigger.”