Ransomware Hits Everywhere: No Industry is Immune

How data breach response and privacy protections are becoming the new line of defense against ransomware

Data breaches continue to be an escalating threat but ransomware is the hottest cybersecurity risk facing all industries at a near epidemic pace. The Cybersecurity and Infrastructure Security Agency (CISA) has said that ransomware is “quickly becoming a national emergency.” In fact, the U.S. Department of Justice (DoJ) has elevated ransomware investigations to the same priority as terrorism. With digital extortion becoming such a prominent threat, no industry is immune. This epidemic of attacks requires an enterprise review — no matter what industry you’re in — to include data breach preparedness, a plan for the inevitable breach, and also employee benefit offerings that could help mitigate risks. After all, if organizations can take proactive steps toward minimizing ransomware attacks — by offering their clients, customers, and employees identity and privacy monitoring — everyone wins.

Every day, more businesses and organizations are finding their critical data held hostage and collectively paying millions of dollars to get it back. Experts predict that a ransomware attack happens every 11 seconds, and by 2025, organizations will invest more than $1 trillion in their cybersecurity. "Ransomware attacks among businesses are on the rise, and I truly believe that, in order for corporations to be protected, they must be prepared for when an attack may occur. Adopting this thinking can better help corporations prepare for incident response and mitigation,” said Ian Kelly, CHPC, vice president, IDX. Need some more background on how ransomware attacks and how it spreads? Take a look at Trading in Fear: The Anatomy of Ransomware to learn more about how organizations can protect themselves and be on the alert.

Victims of ransomware are often faced with exorbitant sums — in the millions of dollars. according to Harvard Business Review. The DOJ estimates that $350 million in ransom was paid to cyber criminals last year, representing more than 300% increase from the previous year.

FBI Tracking 100 Active Ransomware Groups; New Ransomware Hub Launched

The FBI is attacking this “sizable problem,” according to an NBCNews article. What we’re seeing in ransomware news headlines could be the tip of the iceberg. The Washington Post reports that many ransomware attacks go unreported. “We believe that only about a quarter of ransomware intrusions are actually reported,” states Eric Goldstein, executive assistant director at CISA. “Congress, urged on by the nation’s top law enforcement agencies, is pushing to require companies to report ransomware attacks in an effort to help the government understand the scope of the threat.”

This month, the U.S. government announced an online hub for the victims of ransomware attacks, with resources for companies and municipalities. The new website, www.StopRansomware.gov, is an initiative led by the United States Department of Homeland Security (DHS) and the DOJ. In related news, there is a newly-launched effort to reduce ransomware attacks and track down cyber criminals, especially those backed by foreign governments. The U.S. government will pay $10 million for helpful tips, according to a Reuters article. “The Department of Justice is committed to protecting Americans from the rise in ransomware attacks that we have seen in recent years," stated Merrick Garland, United States Attorney General.

No Shame in Ransomware: Get Response-Ready

Companies are often reluctant to come forward when they’ve been hit because of the risk of casting a shadow over their brand, outlines an article in The Washington Post. With ransomware being the newest, prevalent threat, why not be proactive? Organizations themselves can take proactive steps within their own organization, starting with their employees.

Learn more in, HR’s Guide to Protecting Employees, for answers to administrators’ and brokers’ most common questions.

Especially in today’s highly complex and dynamic cyber threat landscape, “it’s not a matter of if your company will face a digital attack, but when,” stated Tom Kelly, president and CEO at IDX. Getting your organization response-ready will better protect your critical assets — data — minimize risk, not to mention gain a peace of mind. IDX offers a no-cost Master Service Agreement (MSA) offering that provide the quickest response times if and when a data breach happens. Ransomware is often hidden for a long time before it starts attacking a company’s system. Organizations that provide their employees a proactive, privacy protection solution will help detect suspicious activities early — even lurking ransomware — and reduce risks to the organization.

Learn more about the IDX Privacy Platform, built to help organizations protect their consumers and employees from the latest privact threats.. To keep your enterprise privacy in good shape and stay ahead of privacy demands, you’ll want to check out IDX’s turnkey privacy solutions. Check out the eBook that examines the epidemic of ransomware: what it is, how it gets into your systems, and what you can do about it: Ransomware 101: What to Do When Your Data is Held Hostage.

“With good preparation and cybersecurity hygiene, and a plan in place, your company will reduce risk and be better prepared to deal with the unthinkable,” recommends Brenda R. Sheraton, litigation partner and the global co-chair of Dechert LLP’s Privacy + Cybersecurity practice, in her Harvard Business Review article.

Indeed: with a proactive approach to data breach response planning, privacy protection, and empowering your employees, customers, and members with proactive digital identity privacy awareness and solutions, you’ll be able to better secure your organization and your people from emerging threats, including ransomware. If you are a privacy or security professional and would like help in proactively planning your company's cybersecurity defense, contact us for this complementary Cybersecurity Healthcheck.