Enterprise Business and Ransomware

The manufacturing industry has embraced automation and digitization as timelines have gotten tighter and business continuity has become essential. These aspects, along with the high-value data that manufacturing enterprises own (intellectual property, trade secrets, etc.) have made these types of companies more attractive cyber attack targets. Keep your supply chain running smoothly by protecting against…

Preserve business continuity by protecting operations and developing a reputation for security among your clients. Here’s what to know about recent attacks so you can adapt your security strategies.

Ransomware techniques constantly progress and evolve, allowing cybercriminals to utilize more tactical and discreet approaches. In the past decade, hackers used a randomized approach, attacking different types of enterprise businesses, to see if they gained entry to one that could be a good target for a ransomware attack. Today, enterprise ransomware attacks have not only become more specialized, but they’ve also become micro-targeted.

Threat actors select a target and watch it over time, uncovering vulnerabilities and planning an ideal time to attack. Enterprise businesses have been subject to attacks that use standard asymmetric encryption algorithms, with attackers searching for overlooked system vulnerabilities (phishing emails, leaked access credentials, etc.). Often, the threat actors who find these vulnerabilities are different from the ones perpetrating the ransomware attack. That is how sophisticated and specialized this process has become.

Once they have access, hackers mostly adopt a “lateral movement” technique, silently establishing their presence throughout the network and then encrypting all devices at once. With that access in place, the threat actor can plan the attack for a crucial time when the business is most likely to pay a ransom.

JBS USA processes 1 million pounds of the nation’s meat supply, which is equal to a quarter of America’s beef. The meatpacker was hit by the infamous Russian ransomware group known as REvil. JBS was forced to halt operations for one day at 13 plants, causing disruptions and delays. They ended up paying $11 million in bitcoin to avoid further disruption and mitigate damage to other food suppliers (farmers, grocery stores, restaurants). “We felt this decision had to be made to prevent any potential risk for our customers,” said the CEO. Enterprise businesses can learn from the experience of JBS. Being proactive with protection is important and knowing where your vulnerabilities lie is the first crucial step toward improving security hygiene and minimizing the effects of attacks.

One of the most impactful ransomware attacks of 2021 was the Colonial Pipeline attack. The DarkSide ransomware group froze the financial IT systems of Colonial Pipeline, impacting millions of drivers by causing gas shortages throughout the southeastern U.S. The attack caused Colonial Pipeline to shut down the fuel supply on the East Coast for six days. After a few days of uproar and chaos, Colonial Pipeline paid the group $4.4 million.

The Colonial Pipeline attack had a larger impact on the ransomware community than originally expected. The attack caused increased scrutiny from government operators, which forced DarkSide underground. Additionally, many ransomware operators went dark for several months to wait out the period of intense scrutiny. However, you shouldn’t let the absence of high-profile attacks lull you into a false sense of security. After this high-profile attack went wrong for DarkSide, security experts now expect threat actors to go after lower-profile (but still lucrative) targets, which could mean that your business is next. What can you learn from the Colonial Pipeline attack? All of your systems, endpoints and assets are important – not just those in operations. A complete defense includes comprehensive security coverage.

It is important to take all the necessary precautions to minimize the likelihood and effect of a ransomware attack. Failure to do so can cause serious damage to not only your business, but others down the supply chain. TorchLight can help protect your company by:

• Partnering with you. We understand your business’ unique needs, and we will customize protection for you. TorchLight integrates security strategy into business strategy to make security a tool for business progress.

• Properly securing your networks with cybersecurity technology. For example, TorchLight can help you automate your backups separate from primary systems. Isolating backups will help ensure you have a clean, uninfected system.

• Ensuring your employees are aware of cybersecurity practices. We train your staff on how to recognize potential threats and what to do if a security breach occurs. We’ll help you put a backup plan in place so that your organization is prepared and can continue operations as much as possible.

TorchLight can help properly secure your networks, automate your backups separate from primary systems, and help with employee awareness and training. We train your staff to recognize potential threats and what to do if a security breach occurs. TorchLight will help you put a backup plan in place so that your organization is prepared and can continue operations as much as possible.