Amid all the coronavirus chaos, hackers have seized the opportunity to strike: a new wave of ransomware attacks has struck companies of all sizes across the globe.
The Israel-based software company Sapiens reportedly paid hackers a $250,000 ransom in Bitcoin earlier this year. Though the company has yet to confirm or deny the attack, an anonymous inside source reported it to Calcalist. Sapiens also hasn't reported the incident to either the American or Israeli exchange commissions.
While this ransom cost substantially more than the usual average of $40,000, it's nothing new. GPS giant Garmin also fell victim to a ransomware attack this year and remained similarly quiet about it. Reports claim that hackers demanded $10 million from the company, but it's unclear if Garmin paid them.
More recently, Canon reportedly lost 10 terabytes of data to hackers holding it for ransom. Canon hasn't confirmed or denied anything but says they're investigating the situation. While it's still uncertain, the incident has all the signs of a ransomware attack.
Rising ransomware attacks amid COVID-19
These cyberattacks are just a few of many that have taken place since the onset of the pandemic. Cyberattacks are far from rare, but they saw an unprecedented spike in 2020. Large-scale attacks are up 273% in the first quarter of 2020, with ransomware rising by 90%.
This spike in cybercrime is most likely due to cybersecurity challenges amid the ongoing pandemic. The Sapiens cyberattack came as hundreds of its employees moved to remote work, creating new vulnerabilities. Companies have to reconfigure their security to work on employees' personal devices on their home networks, which can create an opportunity for hackers.
Even if a company handles the shift to remote work well, there's still the human element to consider. With all the confusion surrounding COVID-19, people may be more likely to click on any email or link that promises answers or support. Most ransomware comes from phishing emails like this, so panicked people are much more vulnerable.
Defending against ransomware and other cyberattacks
Cybercrime may be on the rise, but companies can still protect against it. Perhaps the most critical step is reemphasizing the importance of proper security practices with employees. As much as 90% of cyberattacks are the result of human error, so making sure employees remember protocol is essential.
Ransomware, like the Sapiens cyberattack, usually starts as a suspicious email or link. Employees should know how to spot these questionable messages and remember not to click anything they can't confirm is from an official source. Companies can hold videoconferences to remind workers of security best practices and policies.
As employees work from home, securing their devices is crucial to cybersecurity. Providing anti-malware software and looking for a solution that can handle these new endpoints can help mitigate new threats. Requiring employees to use a dedicated network for work purposes can also help companies make sure workers' connections are more secure.
It's also essential to keep all software up-to-date. A lot of ransomware, like the recent NetWalker attacks, takes advantage of vulnerabilities in programs that a patch may fix in short order. Updating everything as soon as possible helps prevent these attacks.
Cybersecurity is as critical as ever
In the face of these rising threats, companies must pay close attention to their cybersecurity. Defending against cyberattacks has always been crucial, but it's more critical now than ever. With incidents like the Sapiens, Canon, and Garmin cyberattacks growing costlier by the year, businesses can't afford to ignore these threats.
Keeping employees safe amid the COVID-19 pandemic is essential, but so is securing sensitive data. Recent trends indicate that companies need to consider both when transitioning into new processes. This spike in cybercrime is alarming, but with the proper security measures, businesses can stay safe.