Top 6 Ways to Handle Ransomware Attacks
Cyberattacks are an increasing threat to facilities. Here are some steps to help prevent hacks or minimize damage. November 8, 2022
By Dave Lubach, Managing Editor
As facility managers start to turn the page on the calendar and set their sights on 2023, one of the continuing challenges they face are cyberthreats to their institutional and commercial facilities.
A recent webcast from Doug Cahill, the vice president, analyst services and senior analyst for the Boston-based Enterprise Strategy Group (ESG), described how cyberthreats remain an ever-increasing risk to managers and the important information that facilities’ IT systems are protecting.
In the webcast, Cahill revealed the disturbing results from an ESG survey about the regularity of attacks: 13 percent of the businesses surveyed reported that they experienced daily attacks; 17 percent reported weekly attacks; and 17 percent experienced them monthly. Making matters even worse, Cahill said that 73 percent of those businesses attacked experienced financial distress or disruption in their systems.
The numbers are even more alarming when you consider that paying the ransom doesn’t always mean the end of issues. ESG found that 56 percent of the businesses surveyed admitted to paying the ransom to recover their information, with 61 percent of that group admitting they paid a second ransom. And just because businesses pay ransoms, it doesn’t mean their information comes back, as the survey found that only 4 in 10 businesses received back 75 to 100 percent of their data.
Cahill placed businesses into four different stages of cyberattack readiness. He classified businesses as:
- Novice (29 percent of respondents)
- Aspiring (33 percent)
- Maturing (23 percent)
- Leaders (15 percent)
The Leaders are setting the bar for cyber readiness, meaning more than 60 percent of those surveyed would be considered below standard to prepare for an attack.
As managers look to the future, Cahill offers up six tips for facilities to handle ransomware attacks:
- Establish a strong multi-disciplinary team that includes stakeholders from all areas of the business, including facility leaders, IT, security, risk management and the C-suite.
- Respond swiftly to attacks. When an attack occurs, be ready to include communications teams, legal teams, and any other departments deemed crucial to restoring security and ensuring data is secure.
- Rehearse practices to ensure data is safe. Subject employees to email tests, conduct tests for data recovery, communicate with employees regularly about the importance of protecting systems and valuable data from the bad guys.
- Secure infrastructure configuration. Know where data is protected, how it is protected, and ensure backup systems and data is also protected.
- Operationalize backup integrity validation. Don’t assume that backups are safe. Cybercriminals can easily hack into backup systems when they tap into a system.
- Take extra measures to protect backups by using other systems and processes such as immutability (compiling data that can only be written, not modified or deleted) and air-gapping (storing backup in a secure off-site location).
Dave Lubach is managing editor for the facilities market.
Next
Read next on FacilitiesNet