Your Company’s Plans May Make It a Ransomware Attack Target
Many financial transactions, including mergers and acquisitions, depend on shareholder support to succeed. Any information that paints a company and its activities in a bad light can make investors nervous and more likely to deny and derail a transaction. Perpetrators of ransomware attacks understand this, which is probably why the risk of being hacked rises when companies engage in significant financial events. Here's what you need to know about this threat and how you can protect your company.
A High Price
As the FBI recently reported, criminals are leveraging nonpublic information as part of ransomware attacks. They study public company market data to identify potential victims and then hack a company's network to gather confidential information, threatening to release it if they don't receive payment. Several companies that had yet to make their M&A negotiations public (and therefore were particularly sensitive to document leaks), became ransomware victims.
Although victim organizations obviously want to prevent the release of sensitive data, ransom costs run high. According to research by security company Unit 42, the average payment made by businesses to ransom demanders in the first half of 2021 was $570,000 — up from an average of $312,000 in 2020. One giant insurance company reportedly paid $40 million to criminals who had encrypted its data and threatened to release confidential information to the public.
Your company should take every possible action to prevent and mitigate the effects of a ransomware attack — particularly if you're anticipating a high-profile transaction that's likely to make you an attractive target. The FBI recommends that businesses:
Back up critical data regularly. Many companies claim to do this but neglect to back up data frequently enough to limit data loss in the event of a ransomware attack. You may want to update your backup policy and ensure IT staffers are following it to the letter.
Ensure backup data is safe. Whether you back up data to the cloud or on an external hard drive or storage device, make sure these "safe places" are, in fact, safe. For example, your cloud computing provider needs to maintain robust security and agree to notify you of any breach immediately. Also limit access to external hard drives to those with a defined business purpose, and make sure devices are protected by complex passwords that are changed frequently.
Keep security software current. If you're short-staffed, you may have neglected to keep anti-virus and anti-malware software up to date. But updating is critical. Hackers routinely exploit known security weaknesses. Installing updates and patches is one of the only ways to keep them out.
Use only secure networks. Warn employees about using public Wi-Fi networks in such places as coffee shops, hotels and airports. These networks are rarely secure. If possible, install security software on company-issued laptops, smartphones and other devices.
Adopt two-factor authentication. This security strategy requires two forms of identity confirmation to grant access to a system. For example, in addition to providing a username and password, someone might also need to enter a temporary code delivered via email, text or phone.
Use authenticator apps rather than email. Some hackers break into email accounts to circumvent two-factor authentication protection. But an authenticator app, such as Google Authenticator, can generate a code that must be entered to gain network access. Because this code appears only on the user's phone, it's harder for a criminal to access it.
Discourage clicking. Employees have been warned for years about clicking on links in unsolicited emails. Yet many still do so and inadvertently assist hackers. Some new strategies include establishing a "sacrificial computer" where suspicious emails can be opened without infecting your network or paying for a service that "isolates" browsers. At the very least, make sure employees know who to contact if they click on something they shouldn't have.
Implement a policy of least privilege. To make it harder for cybercriminals to break into your network, grant employees only the minimum access to files, directories and networks that they need to perform their jobs. Update permission levels when workers change positions or leave your company.
If You're Attacked…
Some hacked businesses have chosen to ignore perpetrators' demands — and most have lost data and incurred costs to rebuild their networks. In fact, the FBI strongly discourages companies from cooperating with ransomware perpetrators.
However, you may not feel you can ignore a ransomware demand if your company is on the verge of a significant transaction. Such situations call for the advice of IT security experts —who increasingly are specializing in ransomware attacks. Also contact your financial and legal advisors. They can't make the difficult decision about whether to pay ransom for you. But, along with your public relations staff, outside advisors can help you understand your current position and weigh possible options.
Securities offered through Avantax Investment Services℠, Member FINRA, SIPC. *Investment advisory services offered through Avantax Advisory Services℠ ** Insurance services offered through an Avantax affiliated insurance agency. Avantax affiliated advisors may only conduct business with residents of the states for which they are properly registered. Please note that not all of the investments and services mentioned are available in every state. The Avantax family of companies exclusively provide investment products and services through its representatives. Although Avantax Wealth Management℠ does not provide tax or legal advice, or supervise tax, accounting or legal services, Avantax representatives may offer these services through their independent outside business. This information is not intended as tax or legal advice. Please consult legal or tax professionals for specific information regarding your individual situation. Content, links, and some material within this website may have been created by a third party for use by an Avantax affiliated representative. This content is for educational and informational purposes only and does not represent the views and opinions of Avantax Wealth Management℠ or its subsidiaries. Avantax Wealth Management℠ is not responsible for and does not control, adopt, or endorse any content contained on any third-party website.