If you’ve been following the news, or our blog, you know that ransomware attacks have accelerated over the last business quarter. Almost every other news cycle there’s another major ransomware attack rattling the enterprise—and connected business partners and consumers—by extension. News this week broke of the latest high-profile hacking with a ransomware demand of $50M.
The hacker group targeted the Irish-based multinational global Fortune 500 company, Accenture. The Artificial Intelligence (AI) and machine learning (ML) organization with over half a million employees and revenues topping $44B last year hasn’t confirmed all the details.
This blog covers what we do know now and how to protect your own business from becoming the next headline.
The attack was backed by LockBit ransomware.
Here’s the back story for context.
The major ransomware breach comes on the heels of a July REvil attack on Kaseya—including a $70M demand to decrypt victim files. Kaseya clarified later that they obtained a ransomware decryptor without paying the hefty sum.
The Accenture ransomware attack continues the disturbing trend targeting IT service providers that other organizations rely on for their IT security and operations.
Calling for backup.
In a statement released by Accenture on Wednesday, the tech giant shared that “through security controls and protocols, [the organization] identified irregular activity.” However, after containing the ransomware incident and isolating the servers that were impacted, Accenture “fully restored affected servers from backup.”
Unfortunately, according to CNBC, hackers behind the Accenture attack have already published more than two thousand files across the dark web, including PowerPoint presentations and case studies.
In recent months, Accenture CEO Julie Sweet put an emphasis on the organization’s focus on security after the company amassed double-digit growth fueled by advisory, cyber defense, and managed security services—following the company’s acquisition of Novetta—a company laser-focused on the national security sector.
Over a third of organizations experienced a ransomware attack this past year.
These cybersecurity trends are alarming, and they aren’t changing. According to IDC, more than a third of all organizations worldwide have experienced a ransomware incident on some level over the past twelve months. In addition to the cost and business disruption, brand trust is at stake when your organization makes the latest cautionary soundbite or headline, perhaps having the most irreversible impact.
So, it makes sense that only 22% of IT Directors are confident in their security posture. Meanwhile, 80% of IT teams experience M365 data loss due to a lack of third-party backup and security.
While cybersecurity attacks are unavoidable there are a few best practices that can help.
1. Backup is essential.
While platforms like Microsoft 365 have an endless array of services, backup isn’t one of them. That makes having an extra layer essential. In this case, it helped Accenture restore all of its data after what could’ve otherwise been massive devastation.
2. Regularly assess your security posture.
With attacks only accelerating and ransomware growing more formidably advanced technology, it’s mission-critical to regularly assess your business security posture. The NIST Cybersecurity Framework has become the industry standard for gauging how integrated cybersecurity risk decisions are factored into big-picture business operations, using four tiers to measure cybersecurity risk: partial, risk-informed, repeatable, and adaptable.
3. Educate your workforce.
Spear phishing messages often have a five to six times higher click-through rate than actual marketing emails, and 70% of employees fall for them. Having cybersecurity training should be the mandate for 2021 along with a security policy signed by every employee at your organization. The majority of ransomware attacks start with a painfully clueless employee and a seemingly harmless email.
4. Do not pay the ransom.
Do not under any circumstance pay the ransom. There’s a whole constellation of reasons to take this option entirely off the table—for one—your company can be sanctioned for paying an entity that’s considered an enemy of the state or U.S. allies. Even if you pay and receive any lost data or applications intact, that doesn’t prevent your data from being splashed across the dark web—hackers don’t have a moral compass. Finally, organizations that do pay ransomware are making it clear that hackers can expect them to pay again in the future while driving a toxic trend that impacts businesses across every vertical.
Time to act
Ransomware attacks cost the enterprise $8B every year, and every dollar spent was preventable. Our security specialists can help you assess your security positioning in less than an hour and add the extra layer of backup and security every organization needs.