It’s stating the obvious to say we live in a digital world. When the news is full of daily reports on the fluctuations of cryptocurrency and a viral video from 2007 is sold for $900,000 as an NFT you start to understand that digital is king. Another indication that global business runs on digital is the increasing prevalence of malware. Just this month, there have been several high-profile attacks on companies perpetuated by software designed to go after a computer system by disrupting, damaging, or gaining unauthorized access. So what’s the deal with malware and should you be worried about becoming a victim?
What is Malware?
Malware includes any software designed to damage an individual computer, server, or computer network. The way malware is categorized, you can either talk about a specific means of infecting a system or the way in which it behaves. You may have heard of viruses, worms, or trojans. These are the means with which a system is attacked. With a virus, probably the most recognizable malware term and a concept we’re all familiar with right now, a piece of computer code inserts itself into the code of another program. That code is then spread through malicious action. Another kind of malware is ransomware. It works by encrypting a victim’s files and then demanding a ransom to restore access to the data. Cryptocurrency ransom payments make this kind of attack difficult to trace.
So is malware a concern for individuals, or for businesses? The answer is that malware can affect either. On an individual level, it can be used to trick someone into providing personal data that can be used for identity theft or access to credit card or other financial data. In the case of a business, malware can be used to control an entire computer system which can then be mined for data or held hostage.
You don’t have to look far to find examples of malware attacks. Remember the high-profile attacks we mentioned earlier? The one that may have affected you directly was the Colonial Pipeline attack. On May 7, a group used ransomware to hold the oil company’s systems hostage for almost a week. The demand was a nearly $5 million payment to take the encryption off locked systems. The US oil pipeline was threatened with the public leakage of stolen company data if they didn’t comply by the stated deadline. To keep the malware from spreading further through their system, Colonial shut down some operations, further interrupting their services.
The Colonial Pipeline provides fuel to seven airports, operates across 14 states, and carries more than 100 million gallons of fuel per day. It’s the biggest system of its kind in the US, supplying 45% of the fuel for the Eastern states. Every day it couldn’t operate, it was bleeding money with oil stuck in Texas refineries. In the end, the company paid the ransom to get back online. The FBI has stated that DarkSide was behind the operation—more on them later.
How did this malware attack affect you? It caused gas prices in the US and Canada to go up. The market also reacted to the incident, with Wall Street share in US energy firms up 1.5%. In an attempt to get oil flowing again, trucking restrictions were relaxed south of the border. When a business suffers from a malware attack, the impact may also be felt by customers and society at large. It’s a domino effect that can interrupt services and related businesses.
Who is DarkSide?
DarkSide is run like a business. They offer malware, specifically ransomware, as a service. The developers working for DarkSide make the software that’s used to encrypt and steal data, taking a cut of any successful extortions. The outfit is believed to be run out of Russia and they claim to be in business only for the profit and not to cause social chaos. This kind of crime can originate halfway around the world and be really difficult to trace or prosecute.
The Business of Cyber Attacks
Businesses, especially large ones, typically have cyber attack insurance. Colonial Pipeline is reportedly covered for at least $15 million. However, the really big companies aren’t the only ones who are suffering from malware attacks. Small businesses are also getting hit. Research has shown that over 46% of SMBs were the victims of ransomware attacks. Here are some ways, besides insurance, that you can protect your business and yourself.
- Keep operating systems updated
- Don’t click on popup links
- Use security software
- Stick to official app stores
- Don’t click on attachments you can’t verify
- Keep tabs on accounts so you’re aware of suspicious activity
- Back up data regularly
Information Sharing & Video
It’s hard to believe that malware has been around for more than 30 years. But it’s good to be aware of how it works and how you can protect yourself. If you need to make staff aware of cyber threats and are looking for an efficient way to keep everyone informed, a training video could be just the ticket. Key West Video can create a live-action or animated video that can be viewed by new employees when hired and reviewed by everyone whenever needed. This can help protect your business and assure that everyone has uniform, accurate information across the company. In an ever-changing digital landscape, remember that we can make updates and changes to a video whenever necessary. Think of it as a long-term investment that can grow and change with your business. Call or go online for a free quote.