A major energy and utilities supplier has become the latest victim in a growing list of organizations targeted by cyberattacks. Without a quick response to an attack like this, energy companies can risk exposing customer data, cutting off energy supply, slowing or completely stopping operations, and more.
According to the Department of Energy, the recent incident was responded to quickly, and had minimal lasting impact. However, these attacks are becoming increasingly frequent across industries, and the risks continue to grow. Let’s focus on one of the most common types of cybercrime: ransomware.
Ransomware attacks are pervasive and have hit organizations such as Colonial Pipeline, JBS Foods, and Kaseya. The most frequently targeted industries range from energy and finance to healthcare and entertainment. Malicious software, better known as malware, compromises network integrity after attackers gain access through phishing, stolen passwords, and other weaknesses.
Ransomware-as-a-Service is a cybercrime business model made possible via modular business models with low barriers to entry, creating a wide market of perpetrators. These individuals are divided into developers who create the malware and affiliates who initiate the attacks, with profits split between them.
It is crucial to be vigilant, with the most common defense being routine basic cybersecurity hygiene, such as implementing multi-factor authentication. Other tactics include adopting Zero Trust principles and preparing for potential attacks to minimize impact. While a good defense is wise, it is still essential to have a strong relationship between the government and private sector, with collaboration being of utmost importance. Companies must share information about breaches and their efforts to disrupt infrastructure with the support of law enforcement.
Now that we have identified what makes malware like ransomware possible, let us address the best ways to avoid becoming a victim. We have broken the solution down into a few simple steps:
- Be prepared with a recovery plan – Make it incredibly challenging to access and disrupt your system. If you make an attack economically unfeasible, you have already avoided the threat. The goal is to avoid paying the ransom for privileges that might not be returned or using keys provided by attackers to regain access. While restoring corrupted systems can be burdensome, it is better than the alternative.
- Limit the scope of damage – By limiting privileged access roles, you reduce the number of entry points for attackers to acquire access to critical components of your business. If they can only gain access to pieces rather than the entire system, it will deter attackers from pursuing an escalated attack.
- Challenge cybercriminals as much as possible – This step should not interfere with the first two steps, but it is essential to create as much friction as possible for potential attacks. Make it an uphill battle for intruders attempting to get in through remote access, email, endpoints, or accounts. If they do manage to get in, ensure they cannot escalate their privileges by implementing robust detection and response capabilities.
Perficient’s team of experts is well-versed in these incidents and what can be done to prevent them. If you would like to begin mounting more serious defenses, explore our energy industry expertise and browse the many technology partners with which we work to give companies confidence in their security, like Microsoft.