Expert Q&A with Dan Kalil
Organizations all over the world are becoming increasingly susceptible to ransomware, a constantly evolving cyber threat. With recent attacks on the Colonial Pipeline and JBS SA, it’s clear that ransomware not only impacts the organization that has fallen victim but can also have major implications for society as a whole.
Dan Kalil, chief executive officer at GreyCastle Security and chief commercial officer at Assured Information Security (AIS), weighs in on the significance of this malicious technology and what organizations can do to protect themselves.
What exactly is ransomware?
“This evolving form of malicious software is used by criminals, often for the purposes of financial gain,” says Kalil. “Its premise is simple — attackers will lock a user or organization’s files so that they can’t access them and will only unlock them if the ransom is met. Typically, a ransom demand has both time and money attached to it.”
These attacks have become increasingly prevalent among government entities and critical infrastructure as tactics become more and more advanced.
What is the impact of ransomware?
“It’s the largest and most common threat in the cybersecurity world right now,” says Kalil. “Not only do organizations suffer substantial financial loss, but company operations can be disrupted because their files are locked and organizations can’t access them. These disruptions can range from minor to major, as we saw with the Colonial Pipeline being fully unable to operate.”
According to the Washington Post, in recent years, ransomware attacks have affected organizations ranging from banks and hospitals to universities and municipalities — almost 2,400 organizations in the U.S. alone were victimized in 2020. Attackers are increasingly targeting industrial sectors because these firms are more willing to pay up to regain control of their systems, experts say.
In the case of the attack on the Colonial Pipeline in May, the company was forced to pay $4.4 million to attackers and had to shut down operations for nearly six days. As a leading fuel provider for much of the East Coast, this was a massive impact.
Who is at risk?
According to the Cybersecurity & Infrastructure Security Agency, anyone with a computer connected to the internet is at risk of being attacked by ransomware.
“While every person and business are at risk, we are currently seeing ransomware being used against businesses that have the means to pay large ransom sums and/or provide a critical offering that if unavailable, could cause significant risk to security, life and commerce,” says Kalil.
Individuals and organizations with access to critical data such as those in health care, technology, finance, education, utilities, and retail should take extra precautions to ensure they are protected.
What can be done to prevent an attack?
“Cyber threats are always evolving and it’s important for companies to practice good cyber-hygiene that include continuous identification and elimination of critical vulnerabilities that could be exploited as well as having access to real-time insight into your network operations, providing the ability to detect and eliminate threats early,” says Kalil. “End-to-end vulnerability assessments and secure product consulting are services we often encourage our customers to consider at AIS and GreyCastle Security. These services will help to proactively identify weaknesses before they become a problem. Then, customized solutions can be built to minimize potential threats.”
While the threat of ransomware is not going away in the near future, it’s important to remember there are ways to protect yourself and your organization.
Millie Occhionero is the digital-communications lead at Assured Information Security (AIS). Contact her at email@example.com.