There has been no shortage of ransomware reports and data breaches affecting companies in all sectors all over the world, accelerated, in part, during 2020 as the COVID-19 pandemic caused a mass move to remote work and many organizations raced to accommodate the new normal. The City of Albany was hit with a ransomware attack in which hackers demanded cryptocurrency as payment to recover encrypted files. Jackson County, Ga., made a $400K ransomware payment to hackers as the breach kept prison guards from being able to remotely open prison cells. At the end of 2020, T-Mobile announced a data breach in which its cybersecurity team had discovered and shut down malicious, unauthorized access to some information related to T-Mobile accounts. Reported phishing scams impersonating FedEx, UPS and Amazon skyrocketed during the holiday shopping boom. The U.S. Energy Department and National Nuclear Security Administration were reportedly hacked when threat actors accessed their networks as part of a major cyber-espionage operation that affected many U.S. federal agencies. Huntsville City Schools in Alabama closed for a week amid a cyberbreach, and Baltimore schools also closed due to a “catastrophic” ransomware attack earlier in 2020. These examples are just the tip of the iceberg, as major cyberbreaches and ransomware attacks are being reported in every sector of business and in organizations public and private.
In particular, reported phishing and ransomware incidents are on an upward trend. Both types of security incidents have been around for many years, but because more people are working remotely due to COVID-19, more sensitive documents are being shared over email and sensitive data may be unprotected in an organization’s network, says Michael Waters, member of the Tech Transactions & Data Privacy group at law firm Polsinelli.
Enterprises and organizations across all sectors can take heed of two lessons learned: one, no one is immune from a data breach, and two, preparing for a potential breach of data is crucial. Fortunately, there are a few steps that organizations can take to prepare when it comes to data protection, say Waters and Bruce Radke, Co-Chair of the Privacy and Cybersecurity practice group at Polsinelli.
“One of the first things organizations should do is recognize that remote workers can pose a security issue and take steps to protect data, such as implementing endpoint monitoring and engaging employees in phishing training,” Waters advises.
Another important mitigation strategy for data privacy protection is reviewing how an organization manages the backup of its data. Having a segregated, encrypted backup, along with making sure those backups are uncorrupted and up to date, can help organizations recover from an attack more quickly and potentially save them from paying a ransom. “One of the mistakes some organizations make is they want their backups ready in the event of a disruption and they don’t segregate it from the original data,” Waters says. In this case, a threat actor can potentially gain control of both the enterprise’s original data and its backups, leaving no choice but to pay a ransom to recover the data.