Upgrade Cybersecurity To Protect Against Ransomware

Today cyberattacks are more threatening than ever, and make no mistake, transportation and supply-chain verticals are vulnerable. Hackers are very sophisticated and have discovered weak IT security postures in the industry.

They target organizations so they can steal data, ransom systems operations, use phishing campaigns to extract funds through fraudulent accounts, or steal passwords to commit identity theft. Once data is captured, hackers use it on the dark web to do damage. But all targeted organizations have one thing in common when it comes to security breaches: the need for digital capabilities so they can conduct business transactions. Today, having the right IT security is no different than having adequate insurance or disaster recovery plans.

The U.S. Department of Homeland Security says ransomware attacks increased by 300% from May 2020 to May 2021. Usually, smaller business is the target. But not always. Here are a few examples of larger organizations that were hit.

1. Expeditors is a Seattle-based freight company that brought in $10.1 billion in revenue last year. It had to shut down most of its operating systems globally after discovering the cyberattack.
2. Swissport, a Swiss airport management service, reported a ransomware attack affecting its IT systems that were later attributed to the BlackCat ransomware group.
3. Axis, the Swedish camera maker, is still struggling to deal with a cyberattack that hit its IT systems on February 20.
4. In 2017 the world shipping giant, Maersk, was hit by NotPetya malware and the company’s operations around the world ground to a halt. One report said that all end-user devices, including 49,000 laptops and print capability, were destroyed.
5. Last year, in Canada, systems for Newfoundland and Labrador's healthcare authority were taken out in an October cyberattack and everything had to rebuilt from scratch, starting with backups.

Here are five signs you may be in trouble:

1. Your software vendor has been attacked.
2. Your system begins to degrade.
3. An employee clicks on a suspicious email, allowing the hacker to collect that person’s employee password and then access company data, including online banking.
4. Suspicious network activity.
5. Company files are encrypted, resulting in a message that says you are facing a ransomware situation.

What to do? For starters, if it looks like you’ve been attacked, ask yourself these questions:

1. What was stolen?
2. What systems are down?
3. How much will it cost to fix?
4. What social impact will this have?
5. What are the legal implications?

Our organization – a cross-border transportation and supply chain solutions company – has automated manual processes like order entry and the management of customs forms so all our freight transactions are digital. We also have an IT-focused firm that handles our ever-growing IT security needs, as well as those of clients. And a big priority is to prevent downtime. The real cost of IT downtime includes damage to client relations, as well as to finances, employee retention, business growth, and more. This is bottom-line stuff.

Most business leaders are aware of this, but what do they do to minimize risk? In fact, many IT security breaches are “silent killers” with sophisticated technology that penetrates a company’s weak systems before the organization even knows it has been attacked. Still, there are techniques, training programs, and system infrastructures that will help deter hackers.

Antivirus protection is no longer enough. Not in the present world of digital integration, privacy regulations, and increasing connection complexity.

Today digitally-enabled companies must be effective – throughout the organization – with security knowledge and experience. That means having a chief information security officer and an IT security group that works with the IT and operations side of the business. The IT security team must have authority to refuse connections it thinks add risk to the organization and to clients. While all this costs money and adds layers to system processes, it should be a priority.

Here are ways to strengthen your IT security:

• Add in solid SIEM (security information event management) protection for current system foundations.
• Hire dedicated IT security management staff and services to monitor your proactive/ counteractive measures. Think of these people as the organization’s IT asset security guards.
• Use end-user training programs for cybersecurity awareness, protection, and proactive password management. This is for all employees.
• Use two-factor authentication solutions – preferably for the entire organization, but at least for senior-level executives and decision makers.
• Combine security efforts with your cloud-hosting solutions providers to provide additional levels of protection. But you need to know what to ask for and how much you want to spend.
• Firm policies for privacy and systems usage must be part of your code of conduct, and again, this is for all employees.
• Establish a disaster recovery plan for IT security. It should incorporate a return-point objective and a return-to-operations plan. Such a plan should include a fully manual contingency should all systems fail. Indeed, how can you do business with no email, no transactional systems, no billing, and/or limited communications? In this day and age it’s impossible, which is why you need a playbook.

If your company’s IT infrastructure is attacked, your IT personnel must know right away if the organization can keep its client obligations. Can you keep selling? Can you still deposit money and pay bills? Can your staff continue to work?

There is no question that every organization needs to determine potential risks and security gaps. But if it’s hard to get a handle on this, you might want to hire an outside team that is expert in cybersecurity. This team can provide an IT security overview of the company, identify what is sufficient and what isn’t, along with recommendations that will close the doors on big and immediate risks.

You don’t have to fix everything at once. Instead, take incremental steps to address the whole system after filling in critical security holes. This way you know your risks, have the right pieces in place to protect the foundation, and are focused on being proactive and educated. Remember that hackers are unforgiving and the hit to your company’s reputation and brand can take a long time to repair. Customers remember IT security breaches.

Finally, here is the rule for system backups and we call this the 3-2-1 rule. Store three copies of your data on two different mediums and keep one copy offsite. Why? Most IT disaster recovery plans or business continuity plans tend to be static in nature. “We have the plan so we’re all right.” Not quite. Often, only vague procedures are attached to these plans. What’s more, those procedures may be tested once a year by the person who wrote them. This isn’t adequate.

So, move your infrastructure offsite and sign a hosting contract with teeth. Also, know that old technology is more susceptible to risk because it’s typically installed on a single server with slow recovery times.

An expert consultant should be able to: gain an understanding of your IT business objectives, build a migration plan, ensure your cloud systems are resilient with multi-location availability, secure your systems, and maintain those systems around the clock every day of the year. Anything less these days isn’t enough.