Why State Agencies, Local Governments, Education, And Most Business Segments Should Worry About Ransomware Attacks

Why State Agencies, Local Governments, Education, and most business segments should worry about ransomware attacks

Why-State-Agencies,-Local-Governments,-Education
Blog

Why State Agencies, Local Governments, Education, and most business segments should worry about ransomware attacks

Home > Blog > Why State Agencies, Local Governments, Education, And Most Business Segments Should Worry About Ransomware Attacks

If you have been paying attention to the United States news cycle within the last 6 months, you may have noticed that there seem to be an unusual number of headlines about cyber-attacks. According to a ZDNet article, “There have been a huge increase in the number of ransomware attacks over the course of 2020, with a seven-fold rise in cyberattack attempts.”
In fact, according to the HHS Cybersecurity Program, they discovered at least a 72% increase in ransomware over the last 12 months. (HHS Cybersecurity Program is an enterprise-wide information security and privacy program that was launched in the fiscal year 2003, to help protect HHS against potential Information Technology threats and vulnerabilities). These incidents have included the full file dumps, screenshots, and even samples of the data pieces being recorded and extracted.
The most infamous cyber-attack of the year came from the compromised Colonial Pipeline on April 29th, 2021. According to Charles Carmaka, the senior vice president at cybersecurity at the firm Mandiant, said the hackers gained entry through a Virtual Private Network account that was no longer in use of the time of the attack but still could be used to remotely to access the company’s computer networks. Charles continued to describe that the hack had originally traced a large of number of leaked passwords to the dark web but admits that investigators may never know for certain how the credentials were obtained.
Those of you unfamiliar with the Colonial Pipeline cyber-attack, on May 7th an employee in the Colonial Pipeline control room saw a ransom note that demanded a payment in cryptocurrency. The Operations Supervisor made the “exact right decision” to shut down the gasoline pipeline for the first time in its 57-year history. Since the company’s system “transports roughly 2.5 million barrels of fuel” to almost the entire east coast, it caused quite a few disruptions with long lines at gas stations, no fuel at many of them, and panic buying by consumers. As a tireless physical inspection of the gas pipeline occurred days and weeks after the note arrived, Colonial found no reason to believe that the pipeline was in danger of being damaged. Since the hackers threatened to release all 100GB of data, including their passwords, Colonial was forced to pay the ransom of 4.4 million dollars. Even though over 85% of the ransom was recovered in large part due to the FBI and the US government, the total cost to shut down operations, even for several days, almost doubled the cost of the original ransom.
Ransomware attackers are targeting the United States in alarming numbers and the Colonial pipeline cyber-attack is the canary in the coal mine. Although the attacks seem to be targeting the core infrastructure of the United States including, education, healthcare, and Utilities (See the Fg.1 below), it is apparent that more than 55% of companies do not have the necessary tools, teams, or tests in place to fight a potential ransomware attack.
average-ransomware
Of the most vulnerable business segments listed in the figure above, it should be noted that:
  1. Over 83% of Healthcare organizations are using Cloud services
  2. 90% of K-12 school districts are using cloud storage
  3. 88% of K-12 school districts are cloud-based software systems
  4. 71% of utility companies use cloud computing systems

Whether your data is on-premise, hybrid, or 100% in the cloud, it is more important than ever to adopt a well-architected framework as AWS has provided for its users. This framework focuses on 5 pillars (Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization) with security and operational excellence being at the top of their list.

To help avoid potential threats and attacks, AWS has provided a series of best practices that can help protect your companies’ data from falling into the wrong hands. Amazon recommends running well-architected reviews to address security risks and bolster any architectural deficiencies. This well-architected exercise is best performed with a Certified AWS Partner like Teqfocus as a third-party intermediary to catch what would otherwise be missed by going through the exercise alone.
If security is at the top of your mind like it is for us, we would welcome you to reach out to our AWS team at Teqfocus to walk you through what a well-architected review would look like and how participating in one (even with a single workload) will increase your company’s security posture.

Author:-

MicrosoftTeams-image (2)

For over the last 7 years, Danny has been on his cloud journey by working with top cloud solutions providers and working hand-in-hand with various clients from all over the world. Although his principal focus was on the US Market, Danny has been able to provide dynamic Cloud Solutions powered by AWS for almost a full decade.

Growing up in a Cloud Country (Seattle, WA), Danny was always surrounded by technology including his Nintendo Entertainment System, his family shared Commodore PC, and later to his dial-up internet connection via AOL. Although he didn’t know it at the time, Danny was walking the distance to the top 2 most influential tech companies who currently lead the way with Cloud, Amazon, and Microsoft.

We’d love to hear from you and discuss how we can help your organization!

X