Ransomware Attacks in 2022: What You Need to Know

Every company is vulnerable to cyber attack — and I mean every company, small and large. Are you responsible for delivering half of the East Coast’s fuel supply? Vulnerable. Are you the largest beef supplier in the world? Yep, still vulnerable. The alarming surge in ransomware attacks has put a target on every company’s back, including massive organizations like Colonial Pipeline and JBS.

And small businesses, contrary to media coverage, are even more vulnerable.

So, you might want to pause before you think, “Ransomware attacks? That won’t happen to us!” After the events of 2021, it’s safe to assume that hackers didn’t just level the playing field… they decimated it. Fortunately, there are still several ways for businesses to fight back and protect their data, their clients and their livelihood.

Take a look at what we know so far about the coming ransomware attacks in 2022 and how your organization can kick off their culture of security with an action-oriented cybersecurity keynote speech at their next gathering.

What are Ransomware Attacks and Why Are They Exploding?

Let’s start with the basics: What is a ransomware attack, anyway? Put simply, a ransomware attack occurs when a type of malicious software, called malware, is downloaded onto any single computer in an organization’s network. Typically, this occurs when one employee unwittingly clicks on a malicious link and thrusts the company into attack-mode.

Once the malware has been downloaded, hackers are free to roam about your systems and wreak havoc unchecked. The culprit behind the ransomware attack often blocks access to data or every computer system in the business, usually by encrypting it, until a ransom has been paid. In the latest cases, hackers also threaten to publish the breached data if they don’t quickly receive the ransom. The prospect of destructive news headlines, reputation damage and fines for data exposure are often compelling enough to convince the victim company to pay up without seeking out the advice of a cybersecurity expert.

2021 proved to be not only the most dangerous, but also the most costly year on record for ransomware attacks. There were upwards of 700 million attempted ransomware attacks in 2021, a figure that beats last year’s totals by a whopping 134%. Curious as to what led to such a spike in ransomware attacks?

A blend of geopolitical and cybersecurity factors is to blame. For one, global organizations have become increasingly reliant on digital infrastructure, like the cloud-based computing that exploded in usage with the rise of remote work. Not to mention, today’s payment methods are simply more friendly to criminals — crypto currencies like Bitcoin are essentially untraceable once a ransom is paid, letting cybercriminals off the hook.

What You Should Know About Ransomware Attacks in Coming Months

Though you’re prepared with a basic definition of ransomware, vocabulary alone won’t exactly protect you in the case of cyber attack. The key is to move beyond awareness to action. To better prepare, here is some of what you can expect of ransomware attacks in 2022.

The Timeline for Paying a Ransom Has Shortened Dramatically

Once a ransomware gang has you under their thumb, they’re going to treat you like Amazon — in other words, they’re going to want same-day delivery for their demands. Hackers today are putting organizations under extreme pressure to pay a ransom quickly to unencrypt their computer systems or protect their data, often with devastating consequences if the ransom is not met.

In recent cases, a ransomware gang will expose an organization’s sensitive data in retribution, then alert the media and report the breach to the authorities — so, the company has to pay fines and weather bad publicity. Talk about a double whammy, right? Well, for ransomware gangs, it’s easier to extort money from one organization than to sell the data one record at a time on the dark web.

Take a look at the JBS cyberattack, for example. Hackers with the REvil gang threatened JBS that their $22.5 million ransom would double if it wasn’t paid quickly enough… and they would post the company’s data publicly if they weren’t paid within three days (generous, right?). JBS ultimately paid an equivalent of $11 million in ransom to ensure the company’s facilities remained operational.

Government-Issued Playbooks Are Available for Review

The United States is currently #1 for ransomware volume in the world, coming in with more than 203 million ransomware hits in just one year. This amount is more than 13 times the volume of ransomware in South Africa, the second-highest country; and in total, the U.S. had a higher volume of attacks than the other top nine countries combined… times four.

So, it should come as no surprise that President Biden recently signed a $1.2 trillion infrastructure package packed with cyber measures — after all, ransomware isn’t exactly something at which you want to rank number one. The Cybersecurity and Infrastructure Security Agency (CISA) has also published Cybersecurity Incident Response Playbooks for federal agencies to respond to vulnerabilities and hacks, which private companies are urged to review as well.

Don’t Know Who to Call After a Cyber Attack? Neither Does the FBI

If the U.S. is number one in the whole world for ransomware volume, can you believe that even the Federal Bureau of Investigation doesn’t know who to call in the event of a cyber attack? Just ask about the Colonial Pipeline ransomware attack, where Colonial employees had to contact at least seven federal agencies before they could find the right point of contact — seven!

Could you imagine being responsible for nearly half of the East Coast’s fuel and having 2.5 million barrels of fuel per day stuck in Texas, and the FBI has not a clue what to do about it when you call? The initial email Colonial Pipeline sent about the ransomware attack was ultimately forwarded between multiple people in the FBI before they could even start to provide guidance.

Realistically, there is no singular point of contact for organizations to call when they have been hit by cybercrime, either federally or locally. Even worse, most organizations haven’t established a relationship with the proper agency prior to getting attacked. You know ransomware response is in disarray when even the agencies tasked with solving attacks don’t know whose responsibility it is.

How to Fight Back Against Cybercrime in 2022

In 2022, small businesses will be just as, if not even more, vulnerable to cyber attacks than large-scale corporations. We must anticipate that ransomware gangs will act aggressively and that anyone — and I mean anyone — can fall victim to blindly launching malware onto a company network.

Here’s how you can fight back to not only protect your business and livelihood but also minimize the fear and confusion surrounding these attacks.

1. Manage User Accounts and Passwords

I’ve said it before and I’ll say it again: One weak password can bring an entire organization to its knees [watch the video]. The Colonial Pipeline attack? Operations were shut for six whole days and a $4.4 million Bitcoin ransom was paid due to one lone password. To safeguard against cyber attacks in 2022, do yourself a favor and clean up old user accounts and passwords.

Step 1: Encourage employees to set a totally unique password that does not match credentials on other websites. Using a password manager like 1Password, Dashlane or LastPass is a much stronger way to create and protect long and strong passwords that you don’t have to remember.
Step 2: Deactivate old user accounts and ensure previous employees no longer have access to company data.

2. Require Two-Step Authorization for Accounts

As more employees dial in from home, you must cyber secure your virtual office. I recommend starting with two-step authentication for all accounts. In the case of the Colonial Pipeline attack, a “complicated password” was felled by a legacy VPN with single-factor authentication. Two-step authentication, either with a text message or a dedicated authentication app, can minimize the impact of poor passwords and act as a second layer of protection for strong login credentials.

3. Create and Test an Off-Site, Offline Data Backup

An off-site, offline backup of your data is a must-have to restore after an attack. An off-site backup is a method of encrypting and transferring company data to a remote server that is geographically separate from the local system. This can centrally protect your company’s data in the event of an attack, and also ensure you will not lose crucial information if an attack does occur.

4. Construct a Long-Term Game Plan

The above tips will not be effective without a company-wide effort to enhance cybersecurity. Like I’ve mentioned before, just one password or one employee can kickstart an attack that spirals into millions of dollars of damage. Your cybersecurity is a continuous effort, so make a long-term game plan and document proper protocols to share with all relevant stakeholders in the event of a malware concern or ransomware attack.

5. Bring in a Cybersecurity Keynote Speaker to Motivate the Human Element

Now more than ever, cybersecurity relies just as much on human decisions within the company as it does the technology to protect the company’s data. To fight back against cybercrime in 2022, continue educating yourself and your team on the evolving cyberthreat landscape. To increase effectiveness, bring in an entertaining cybersecurity expert or dedicated cyberthreat speaker to keep your people engaged. Boring training does nothing to improve your culture of security.

A cybersecurity keynote speaker can help your company easily navigate the otherwise confusing and overly-technical components of cybercrime, network security, mission-critical data, and the human decisions that impact it all. In a fun and engaging manner, a cybersecurity keynote speaker unravels the layers of cybercrime to not only educate your team but also encourage them to take actionable steps towards effective data protection.

Now is the time to protect your data, your clients, and your livelihood. To avoid becoming the next disastrous data-breach headline, bring in a trusted cybersecurity keynote speaker like myself to help guide your long-term game-plan against cybercrime. Contact The Sileo Group today to initiate a crash course in cybersecurity, identity theft prevention, security awareness training, online privacy, and ultimately, to protect your bottom line.

John Sileo is a drastically different keynote speaker who focuses on the human element of cybersecurity. His clients include Amazon, the Pentagon and Charles Schwab, but he gets his deepest satisfaction from helping smaller organizations and associations protect their data, profits and repuation. John books out many months in advance, so please call 303.777.3221 to learn more.