You Can't Hide from Robots
In recent weeks we have been bombarded with news of major cyber attacks across the country. The fallout from the 2020 SolarWinds Supply Chain Attack is still being uncovered, Colonial Pipeline was shut down, and now they attacked our precious steaks! When will the madness end? In short: it's going to be a long and bumpy ride.
While news coverage tends to reveal only the BIG attacks, it is important to remember that in 2020 alone it's estimated that over 300 MILLION ransomware attacks occurred, and 43% of those hit small businesses. One of the most common reasons I hear from business owners for the decisions they make around IT security is that they don't believe it can happen to them, and for a while, that may have been true. But in 2021, we need to re-evaluate our risks and understand that small businesses make up a huge portion of the victims of these attacks. Hiding was never a good strategy, but it no longer works at all because these attacks are sophisticated and have become highly automated.
Phishing is the largest point of entry for ransomware attacks, and while sophisticated "spear phishing" attacks do take place, the bulk come from attackers using a "spray and pray" model: they send out as many emails as they can to as many people as they can and just hope for a bite. This means there is no hiding. You don't have to be specifically targeted to become a victim, and the botnets responsible for sending these messages don't care what your company does or how big or small you are, and they don't sleep. All it takes is one person with network access clicking a link they think is real and entering their credentials, and you go from a nice calm day at the office to playing "where is that incident response plan we talked about last year?", and no one wants to ask that question.
It is important that we acknowledge we are all at risk, but more importantly that we all have a social responsibility to be part of the solution. As the saying goes, "a rising tide lifts all boats", and when it comes to information security, protecting yourself also means you are protecting others. As noted above, botnets play a role in many of the attacks we see, and being a victim of an attack means that not only are your assets at risk, but you also risk becoming part of an attack against other businesses.
If you aren't sure where to start, here are some questions you can ask yourself to get an idea of where your security posture may need some work. There is no magic bullet to stop these attacks, but if we all work together, we can make the attackers' jobs a whole lot harder - and that is a win. Ransomware is a business. It exists because it is currently profitable, because the time and cost of a successful attack is sufficiently lower than the ransom they are paid. We need to change the cost side of the equation to win this fight.
People are my passion; Technology is my platform. CEO @ PCA Technology Solutions | CISSP Little Rock | Dallas
3 years ago: Well done Jordan! We must continue to raise awareness in order to have some hope. #thethreatsarereal