Held to ransom
$14.2 million – that is the ransom a global meat processing company recently paid to end a cyberattack. But it is not just global businesses that are at risk.
The rising threat of ransomware
Global meat processor JBS Foods was hit by a cyberattack in early June, and its global operations were thrown into chaos. Operations in Australia, Canada and the US were disrupted for five days as malware paralysed the servers supporting company operations in North America and Australia. The ransomware attack was orchestrated by what has been called “one of the most specialised and sophisticated cybercriminal groups in the world”.
According to the meatpacker, the cyberattack was so debilitating that it threatened to disrupt food supply chains and inflate food prices in regions across the world. The attack also forced the company to cancel shifts for employees at its US and Canadian meat plants. In Australia, staff were temporarily laid off and farmers had to cancel their livestock shipments.
JBS Foods agreed to pay a ransom equivalent to US$11 million (around A$14.2 million) to the gang. The ransom was paid using Bitcoin.
The cyberattack on JBS Foods made global headlines, but it is not only large corporations that fall victim to ransomware attacks.
Held to ransom
Ransomware is a type of malware that typically encrypts files on an organisation’s computers and servers. The hacker will often export sensitive data from the encrypted systems as a “hostage”. Once the systems have been encrypted, a ransom is demanded, usually in the form of cryptocurrency (due to limited traceability), in exchange for a decryption key and to prevent confidential files from being released or sold on the dark web.
According to analyst Simon Quilty, US statistics showed 10 companies paid between US$300,000 and US$10 million to get back online in 2020. Controversy surrounds the practice of companies paying the ransom, as JBS Foods did. Some see it as the only way of ending the attack and limiting losses. Law enforcement, including the FBI and Australian Cyber Security Centre (ACSC), warn against paying cyber criminals. Some experts say paying sets a dangerous precedent and there have been calls across the globe for ransom payments to be outlawed.
In Australia, insurers including AIG and QBE are urging the government to outlaw reimbursements to companies that make ransom payments to cyber criminals on the basis that these payments act as a perverse incentive. AIG has foreshadowed that insurance to reimburse ransom payments is likely to undergo significant changes in coming years. Already, the costs of ransom payments are seeing insurers limit cover and increase premiums (in some jurisdictions premiums have increased by more than 100%).
According to Sophos research, the average cost of a ransom situation is 10 times the ransom paid. The same research also indicates that only one in 10 companies that paid the ransom got all of their data back.
Every 11 seconds a business is attacked by ransomware
The threat of ransomware attacks is rising exponentially. Cybersecurity Ventures data showed ransomware damage cost US$325 million in 2015. By the end of 2021, global costs could reach US$20 billion. And by 2025, global cybercrime costs are estimated to reach US$10.5 trillion (growing 15% each year).
AIG has seen an increase of more than 150% in the frequency of ransom and extortion claims notifications since 2018. The insurer also notes network outages and business interruptions caused by this malicious software are lasting longer, with a typical outage from global ransom and extortion claims extending for seven to 10 days.
Since the start of the COVID-19 pandemic, the number of ransomware attacks has increased by nearly 500%
In Australia, the ACSC recorded 362 reports of ransomware cybercrimes in 2020 (up to 31 October) – an increase of more than 50% compared to the same period for 2019. Data from Check Point Research found a 102% increase in ransomware attacks this year compared to the beginning of 2020. In March, it reported a 57% increase in attacks since the beginning of the year and, since April, has seen an average of over 1,000 organisations being hit by ransomware attacks weekly. On average, organisations in the Asia-Pacific region are attacked 51 times per week – a 14% increase compared to the beginning of 2021.
While it is fair to say that a hacker has the potential to make more money from targeting a large corporation, organisations of all sizes can fall victim to a ransomware attack. In fact, many argue SMEs are at a greater risk, as most simply do not have the resources to dedicate to cyber security measures. COVID-19 has also seen smaller enterprises embrace digital technology – heightening cyber risks.
Protecting your business
With the rising threat, businesses of all sizes are looking to cyber insurance. KPMG predicts the global cyber insurance market will rise from US$2.5 billion in 2015 to US$20 billion in premiums by 2025.
Regardless of industry or size, all organisations should consider cyber insurance. This insurance provides protection for businesses and individuals from internet-based risks, and more generally, from risks relating to information technology infrastructure and activities. Cyber insurance protection includes security and privacy liability, business interruption, crisis management/incident response, notification costs and cyber extortion. Your EBM Account Manager can discuss your options.
For more information about protective measures you can put in place now to prevent ransomware attacks, please visit the Australian Cyber Security Centre.
While you can never protect against every possible cyber threat, the more secure your business is, the better your chances of recovery if disaster strikes. Talk to your EBM Account Manager about cyber risk mitigation.