White House Urges Companies to Watch Out for Ransomware Threats
June 17, 2021
Business leaders…you’ll want to check out a recent letter from the White House which details new ransomware attacks and how you can protect your business.
Although ransomware is not a new threat, the White House is urging companies to stay alert to ransomware attacks. In a recent letter to corporate executives and business leaders, the White House asks businesses to step up security measures to protect against ransomware in light of recent attacks at a major meatpacking company and the biggest U.S. fuel pipeline. Here, we shed light on these attacks and on what you should be doing to mitigate risk.
What is a ransomware attack?
Ransomware is a form of malware (malicious software) that encrypts a victim’s files so they cannot access files, databases or applications. To restore access, the attacker will demand a ransom from the victim, which can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin.
The White House’s letter is a response to two recent attacks: one on JBS, a major meatpacking company, and the other on Colonial Pipeline, which operates the largest petroleum pipeline in the U.S. JBS lost $11 million in ransom in response to the hack against its operations and Colonial lost nearly $5 million (they later recovered $2.3 million).
What does the letter address?
With the subject line “What We Urge You To Do To Protect Against The Threat of Ransomware,” the letter details the President’s and Federal Government’s plan to strengthen the U.S.’s resilience against cyberattacks. This letter is part of a broader effort to encourage businesses to step forward in the event of a cyberattack and report it.
What steps can you take to protect yourself and your business?
In the letter, they urge business leaders to do six things now:
- Implement the best practices from the President’s Executive Order:
  - Multifactor authentication
  - Endpoint detection and response
  - Skilled, empowered security team
- Backup data, system images, and configurations, regularly test them and keep the backups offline: Be sure to regularly test backups so that in the event of an attack, your organization can restore systems more effectively and efficiently.
- Update and patch systems promptly: A centralized patch management system can help you maintain the security of operating systems, applications and firmware in a timely fashion.
- Test your incident response plan: Test your plans to assess where the gaps are. Under your current systems, are you able to sustain business operations?
- Check your exposure: Test your systems’ security using a third party penetration tester and regularly conduct vulnerability scans of your environment.
- Segment your networks: It’s crucial that your corporate business functions and manufacturing/production operations are separate.
- Evaluate the security of any third party vendor that may have access to your environment such as information technology managed services providers.
Always be on the lookout for gaps and weaknesses in your systems! Need help assessing your business’ resilience against ransomware attacks? We can help. Contact us.