Curtis Preston, chief technical evangelist at Druva, discusses the increased risk of ransomware attacks over holiday weekends such as Memorial Day and the steps organizations should be taking to prepare.
With holiday weekends like Memorial Day, businesses need to remain vigilant to rising ransomware threats. This couldn’t ring more true as today’s geopolitical challenges have come to a head, and thousands are on guard for a rise in cyberattacks.
Cybercriminals are notorious for launching large-scale attacks during long holiday weekends when businesses are likely to be closed. In fact, it’s the peak season for them to extort money from businesses because many are generally short-staffed, and network security can easily be overlooked.
Recent events have only made this more clear. For instance, one of the world’s largest meat suppliers, JBS, was the victim of a ransomware attack over Memorial Day weekend last year. The attack, later known to be attributed to the notorious ransomware gang REvil, halted the operations of several of the company’s processing plants throughout the country.
A few months later, the same ransomware group orchestrated the largest cyberattack known to date on the eve of the fourth of July weekend. IT management provider Kaseya was the unlucky target, and by the time they realized they were affected by the malicious REvil code, over a thousand businesses were impacted. This included grocery store chains, school systems, and even a national railway system. Hackers even managed to sour last year’s Halloween, targeting candymaker Ferrara, disrupting production for days.
As we’ve learned repeatedly, holidays come with a dark side. However, research shows that although 90 percent of security professionals are concerned about experiencing a ransomware attack over a holiday, nearly half feel they do not have the right tools in place to manage it. Unfortunately, those who wait to strengthen their security posture a few days prior to a holiday shutdown will be exponentially more at risk. Sometimes, it might even be too late; hackers will have already made their strike.
Steps to Stay Ransomware-vigilant
Don’t let cybercriminals steal your cheer. In order to do so, you must prepare now by taking the following steps:
- Give the gift of data resilience: Partner with a third-party solution built in the cloud that can give you the gift of cyber, data, and operational resilience. This will ensure your data is backed up and protected in an air-gapped, immutable architecture. It will also provide advanced recovery options that will get you back up and running in minutes if you face a cyberattack over a holiday weekend.
- Follow the golden rule: Always make at least three copies or versions of your data stored on two different media, one of which is off-site. Store your data off-site in a separately managed account to be even more secure.
- Have a plan in place: Because experiencing a ransomware attack is not a question of if but when it is critical to have an incident response plan in place, so you know what to do when the worst-case scenario occurs. It’s also safe to assume that hackers won’t be taking time off during the holidays, so plan ahead and designate a team of security professionals to be on staff so you can be ready to respond if this moment comes.
- Add cybersecurity training to your checklist: Employees need to be made aware of common security threats such as phishing and know how to avoid them. Because holidays are a prime target for cyberattacks, make cybersecurity awareness courses a requirement before employees unplug for the long weekend.
Unfortunately, you can’t stop hackers from targeting your business. However, if you take the necessary precautions now, you will be able to meet this moment with resilience and peace of mind that your business-critical assets will be safe and kept out of hackers’ hands.
Article by W Curits Prestor – Chief Technical Evangelist, Druva