Protecting Critical Infrastructure
Ransomware has the potential to damage more than some data files. It could completely encrypt the systems that run water, electricity and even street lights. In 2016, Ransomware brought in more than $1 billion, and there are no signs of it slowing down in 2017.
Critical Infrastructure Attacks
Vulnerabilities in critical infrastructure systems make them prime targets for ransomware. The combination of outdated or ineffective security systems, coupled with the mission-critical functionality, means that they often pay up. Here are a few examples of these attacks.
Nuclear Radiation Monitoring System
The Chernobyl nuclear power plant has a radiation monitoring system that was compromised during a ransomware attack. Workers had to manually monitor the radiation levels, rather than relying on the safer method, until their systems were restored.
Closed Circuit TV Cameras
The police cameras in Washington DC got hit with ransomware that prevented the system from recording anything for several days. While the police department did not pay the ransom, they did have to take the time to restore the systems back to full functionality, which in itself presents a cost.
The San Francisco MUNI system‘s computer terminals were brought down by a hacker. They refused to pay the ransom and started bringing their systems back up through their disaster recovery program, which once again took time and money.
Best Practices for Preventing Ransomware Infections
How can you prevent ransomware from encrypting your files and making it impossible to operate? Use these best practices to limit the potential for this malware to lock down your systems.
The biggest threat that ransomware holds is that it prevents you from accessing critical data. When you have systems on a daily backup schedule, you reduce the damage caused by the malware.
Reduce the amount of low-hanging fruit that a hacker can use to gain access to your systems. Keep software, operating systems and hardware updated with the latest patches and security updates.
User Access Control
The fewer people who have administrative access, the better. Use the principle of least privilege to reduce the number of accounts that a hacker could use to load ransomware onto your system.
Everyone using the system should know about common methods cybercriminals use to gain access to a network. When they’re equipped with the education needed to recognize a potential ransomware attack, they reduce the potential avenues for the intrusion.
Mitigating Financial Risk in a Breach
You can do everything right and still get hit with ransomware. While following best practices reduces the chances that a hacker gains access to your network, it doesn’t eliminate it.
You need a plan to mitigate your financial risk in a breach. As ransomware attacks continue to rise in number, cyber warranties and insurance options have entered the market.
The coverage options vary, but they can do everything from reimbursing you for money paid to the hackers to the costs associated with restoring your systems from backup.
When you’re evaluating the type of ransomware insurance and cyber warranties available for your organization, consider the consequences of what would happen if you could no longer provide infrastructure services.
Ransomware’s popularity doesn’t look to be waning anytime soon. Every organization is at risk, but those operating critical infrastructure have more to lose in the event of an attack. Prepare for the possibility of a hack by adopting best practices and putting a financial risk mitigation plan in place.
Consider SentinelOne‘s Ransomware Warranty when you’re putting your strategy together. You get a one million dollar ransomware protection plan that helps you breathe a little easier, even if the worst happens.