First, a ransomware cyberattack hit the Colonial Pipeline, crippling gasoline delivery in the Northeast and Atlantic regions. Then a similar attack hit JBS, the nation’s second-largest producer of chicken, pork and beef, with U.S. operations based in Colorado. Intelligence indicates that organizations based in Russia are the source of such cyberattacks.
Large corporations are digital, using a large computer system network to manage operations, logistics, production, finances and personnel. Given the complexity and interconnectivity of such operations, a rogue cyberattack can quickly spread throughout an organization’s computer system to threaten its services and products, bringing its operations to a standstill.
Are these two recent attacks isolated?
Most definitely not. For cybercriminals to have penetrated two large corporations likely required thousands of unsuccessful attempted attacks on a plethora of organizations. Corporations are getting better at fending off such attacks and keeping them outside their digital firewalls. However, bad actors are also getting better, finding new ways to exploit any vulnerabilities and staying one step ahead of the cybersecurity industry.
Ransomware cyberattacks are most attractive to cybercriminals interested in extorting money from their targets. They also receive the greatest media attention, placing victims at the mercy of bad actors, an untenable situation. This is why JBS paid $4.4 million for the software decryption key to regain access to their information. Other types of cyberattacks include spyware and phishing, which extract proprietary information (like passwords) from unsuspecting victims. In all cases, recovery from such attacks can be expensive in terms of dollars paid, time expended and, with social media, reputation and trust tarnished.
Which industries are most vulnerable?
The answer is simple: every organization, large, medium and small, is a potential target if its computer system network connects to the internet. This includes federal agencies like the Departments of Defense and Homeland Security, state and local governments, and corporations within the financial industry, the transportation industry like airlines and trains, the electric grid and power industries, the dairy industry, the water industry and many others.
With so many possible targets, which organization is next?
The next big announcement will come from the company or organization that let their cyber guard down, either through temporary weak spots within their IT firewalls or by human error within the organization. At the same time, cybercriminals can exploit elements of surprise, using patience and persistence to their advantage, since they need only to be successful in their attack one time, while corporations and organizations must be successful in thwarting such attacks all the time. Cybercriminal objectives are both financial gains and disruptive chaos. Given that large corporations offer the greatest potential for large financial payoffs, and often have the most complex digital footprints to protect, they will continue to be targeted and, regrettably, be the next successful victims.
The benefits of a digital world are significant. The efficiencies gained result in better services for customers, more convenience and lower costs, things that everyone values and benefits from. The risks of a digital world are cyber vulnerability and threats of real-time disruption.
What are companies doing to protect themselves against cyberattacks?
Investments in both hardware and software protection at the IT level are mandatory, which has spawned an entire cybersecurity industry. Creating multiple backups of all critical data is essential to ensure that recovery from successful attacks is rapid and seamless.
Surprisingly, one defense that is also the simplest is the human component. Educating employees on the risks of accessing insecure networks can go a long way to thwart cyberattacks. Yet, human nature often creates the greatest vulnerability and pathways into a corporate digital network. No seemingly impenetrable firewall can protect against such lapses in human judgement.
Thieves rob banks because that is where the money is. Cybercriminals are no different in their objectives. Corporations need their digital infrastructures to remain competitive and deliver their services and products. Cybercriminals know this, so they search for the weak links within this digital world to extort money or steal information.
Recent announcements suggest that they are succeeding. Of greater concern, they are likely to become even more successful in the future.
Sheldon H. Jacobson, PhD, is a founder professor of Computer Science at the University of Illinois at Urbana-Champaign. He applies his expertise in data-driven risk-based assessment to evaluate and inform public policy.