Supply Chain SMBs Urged to Address Vulnerabilities as Ransomware Attacks Soar

Data security and protection are critical in the face of the rising ransomware threat. Think of the resources you invest, not in terms of the line-item cost, but rather in the value of not falling to an attack.


Seattle-Tacoma International Airport. JAS Worldwide. Port of Seattle. They’re just the latest in a long list of ransomware victims, and they won’t be the last. Ransomware has been a scourge since the malware first arrived via floppy disk in 1989, and artificial intelligence (AI) tools, sophisticated social engineering, and Ransomware-as-a-Service have since escalated the scope and scale of the attacks, demanding the supply chain industry’s attention. Yet, this existential threat remains squarely in a blind spot for too many SMBs.

Cyberattacks on large corporations and government agencies make news, and that, in part, is creating a false sense of security.

Absent coverage of attacks on similarly sized organizations, it’s easy to understand why business leaders mistakenly believe they’re too small to be worth a hacker’s time. What they may not realize is that it costs hackers almost nothing to run automated crawlers that identify vulnerable internet-facing systems and IP addresses, and that the cost of entry is nothing compared to the wins. Now, as large companies harden their environments, it’s the smaller organizations that will be increasingly targeted. Worse, as more of these companies acquiesce to ransom demands, hacker farms will expand their staff.

To be clear: The threat is far more widespread than many realize. Ransomware shattered records in 2023, and reports document more than $1 billion in disclosed ransom payments. The impact is certainly far worse, of course. Like the double brokering schemes that plague the freight industry, most victims don’t report the crime.

Ransomware is expected to break records again this year, and SMBs would be wise to heed these words of caution: Evaluate your vulnerabilities and address them—now.

Unfortunately, too many decision-makers outside of IT don’t take ransomware seriously enough—until it's too late.

The obscene ransom demand is only the beginning

The damage inflicted by a single ransomware attack goes far beyond the acute business impacts, ranging from ransom demands and data loss to blunted revenue and hefty regulatory fines.

Once a hacker has successfully executed an attack on your business, its name can be added to lists that circulate around the Dark Web, indicating that you're vulnerable. It’s why businesses will report additional attacks after the first instance; other hackers want to get in on the easy action.

For years, IT professionals have raised the alarm on other, downstream business impacts. In a survey of 2,000 consumers, an Arcserve report found that 39% of respondents chose not to do business with a company because of their data security concerns and 28% said they’d take their business elsewhere if they encountered even a single service issue. That’s not all: 84% shared their ransomware-related experience with others, tarnishing brand reputations.

Scared? You should be. 

It’s time to address the cracks in your protective wall

Some organizations purchase cyber insurance, believing they won’t have to do anything else. They’re flat-out wrong. Recovering a claim doesn’t address the impacts to your brand, and it doesn’t immediately restore trust with your consumers. In short, leveraging cyber insurance should be your last resort. Besides, if you don't have the right cybersecurity posture, you’re going to pay more for it—if you can even get it at all.

It’s time to rethink how you approach ransomware protection.

Like any other criminal, hackers and their bots are looking for the path of least resistance. Consider thieves walking through a dark parking lot for a moment. They’re looking for open vehicles, and the simple act of locking your doors will encourage them to move on to the next, easier car to empty.

The question then becomes: Is your door “unlocked”?

Spotting the vulnerabilities that beckon hackers

Whether you’ve outsourced data protection and security to a managed service provider or you have an in-house IT department, it’s critical to ask some revealing questions to determine if you’re adequately protected.

How regularly do we update our systems and applications and implement security patches? Regularly maintaining your systems and applications is IT 101, but it’s not uncommon for this work to slide when under-resourced teams face other pressures from the C-Suite.

Do we practice the principle of least privilege? Every access point represents a potential vulnerability. Only people who require a particular system or application to do their jobs should have access and that access should be reviewed regularly.

Have we implemented robust ransomware protection solutions?

Data security solutions aren’t enough on their own. They offer a critical layer of protection but can’t prevent every attack. What’s more, paying the ransom is no guarantee that you’ll get your data back. With data backup and recovery solutions in place, you may be able to roll back your systems and tell the attacker to take a flying leap. 

Have we thoroughly documented our IT infrastructure—and established RTOs and RPOs? That’s Recovery Time Objectives and Recovery Point Objectives, for the uninitiated. Achieve a thorough understanding of your entire hardware, software, and business application inventory, and know how long any of these systems can be down and how much data can be lost without critically damaging the business, so you can prioritize disaster recovery.

Have we implemented a 3-2-1-1 backup strategy? Protecting business sustainability means keeping three copies of data at all times, one original and two copies; storing backups on two different media; storing one copy offsite, perhaps in the cloud; and ensuring one copy of data is immutable, meaning it can’t be altered or deleted by hackers. This strategy can go a long way toward mitigating the damaging impacts of ransomware.
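The RPO question above and the 3-2-1-1 rule are easy to tick off on paper and still fail in practice, because a copy that hasn't completed successfully within the RPO can't be restored without exceeding the data loss the business said it could tolerate. The following added example (not code from the article or any vendor) scores a constructed backup inventory against 3-2-1-1 while discounting any copy that is older than the RPO; the copy names, media labels and timestamps are all invented for illustration.

```python
# Added example: score a backup inventory against the 3-2-1-1 rule, counting
# only copies whose last successful run is no older than the RPO.
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass
class BackupCopy:
    name: str
    media: str              # storage medium, e.g. "disk", "tape", "object-storage"
    offsite: bool           # stored away from the primary site (cloud, vaulted tape)
    immutable: bool         # WORM / object lock: cannot be altered or deleted
    last_success: datetime  # timestamp of the last verified successful backup


def evaluate_3211(copies, rpo, now):
    """Return {rule: satisfied} using only copies that are within the RPO.

    A copy older than the RPO is treated as absent: restoring it would lose
    more data than the business has declared acceptable.
    """
    usable = [c for c in copies if now - c.last_success <= rpo]
    return {
        "three_copies": len(usable) >= 3,
        "two_media": len({c.media for c in usable}) >= 2,
        "one_offsite": any(c.offsite for c in usable),
        "one_immutable": any(c.immutable for c in usable),
    }


def stale_copies(copies, rpo, now):
    """Names of copies whose last success is older than the RPO."""
    return [c.name for c in copies if now - c.last_success > rpo]


def gaps(copies, rpo, now):
    """Names of the 3-2-1-1 rules that fail, in rule order."""
    return [rule for rule, ok in evaluate_3211(copies, rpo, now).items() if not ok]


# Constructed sample inventory (hypothetical names): the offsite immutable copy
# exists, but its last good run was three days ago.
NOW = datetime(2024, 9, 1, 12, 0, tzinfo=timezone.utc)
RPO_ONE_DAY = timedelta(hours=24)
RPO_ONE_WEEK = timedelta(days=7)
SAMPLE = [
    BackupCopy("primary-san", "disk", False, False, NOW - timedelta(hours=1)),
    BackupCopy("nas-replica", "disk", False, False, NOW - timedelta(hours=2)),
    BackupCopy("cloud-objectlock", "object-storage", True, True, NOW - timedelta(days=3)),
]

if __name__ == "__main__":
    for rpo in (RPO_ONE_DAY, RPO_ONE_WEEK):
        print(f"RPO {rpo}: stale={stale_copies(SAMPLE, rpo, NOW)} gaps={gaps(SAMPLE, rpo, NOW)}")
```

With a 24-hour RPO the stale cloud copy drops out and every rule fails, even though the inventory looks compliant at a glance; with a seven-day RPO the same inventory passes.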

Is our staff adequately trained on data security? Your team is the first line of defense. They should be able to spot phishing attacks and, if they suspect ransomware, know to immediately disconnect their computer from the network and notify IT.

Do we have a cross-department ransomware crisis plan in place and have we practiced it? A thorough crisis plan, created in collaboration with IT, finance, communications, legal, and HR leadership can accelerate recovery and minimize associated damage. It should detail the step-by-step technical recovery, as well as a plan for keeping internal and external audiences informed.

Tackle your ransomware vulnerabilities before hackers come calling

In IT circles, it’s well understood that internal IT departments are often under-resourced and understaffed—and managed service providers struggle to get clients to adequately invest. It’s not hard to understand why. It’s akin to insurance; it’s not sexy, and it may not deliver immediate impacts to the bottom line. As organizations scramble to carve out a competitive advantage, it’s shiny new toys, like blockchain and AI, that draw investment.

Keep business continuity at the forefront of decision making.
