There are several lessons businesses can learn from the recent ransomware attack on JBS. For once, it has exposed the vulnerabilities facing businesses. As Paul Rosenweig, a former senior security official at the Department of Homeland Security put it, “nothing is safe.”
It has also revealed that cybercriminals are increasingly targeting essential service organizations in a bid to get a quick payout. JBS processes and supplies about 1/5th of chicken, pork, and beef in the USA. It has meat processing plants in North America, Australia, and SA.
The ransomware criminals, believed to be based in Russia, were paid $11 million to restore and release JBS systems. According to JBS, they paid the ransom in Bitcoins to protect retailers, hoteliers, and restaurant owners who rely on meat products from the company.
The payout by the Colonial pipeline and JBS may embolden criminal entities to strike large organizations and those with strategic significance in their industries, nationally and globally. Food processing companies, including Alberta’s meat processors, must act fast to avert similar attacks on their systems.
According to cybersecurity experts, the only way to be 100% secure is by completely plugging out. This is not a viable option for any company keen on remaining competitive, including the highly computerized meat processing firms in Alberta.
These organizations must look for ways of fortifying their systems to be a step ahead of cybercriminals and enhance their cybersecurity hygiene.
Cybercriminals are increasingly targeting food-processing organizations.
These businesses are highly interrelated with other critical service providers with strategic economic and social significance.
Such firms may be quick to pay up a ransom to avoid widespread interruptions in their plants. They may also pay up quickly to shield their customers from the effects of the attacks, as the case was with JBS.
Identifying and Protecting Against Vulnerabilities
A close look at the attack on JBS shows that the attackers exfiltrated their systems by exploiting vulnerabilities created by Remote Desktop Protocols (RDP). Vulnerabilities created by remote access protocols such as RDPs, Virtual Private Network (VNS), and Virtual Network Connections (VCNs) are usually exploited by cybercriminals to exfiltrated systems.
Food processing companies have a significant number of Common Vulnerabilities and Exposures (CVEs). They are embedded in the software they use and some Microsoft products. However, some vulnerabilities are a result of poor cybersecurity hygiene.
There is no better time for meat processing firms in Alberta and other essential service providers to evaluate their cybersecurity landscape than now when they know they are easy targets.
Once the criminals gain access, they may harvest data or deny businesses access to their systems, as it happened to JBS and the colonial pipeline, until the organizations pay a ransom.
Alberta meat processors must invest in superior anti-remote access protocol technology. This helps in detecting and blocking exfiltration attempts launched from RDPs, VCNs, and VPNs.
This is a proactive measure to secure their systems from malicious access and prevent interruptions to their operations. However, it does not guarantee non-penetration by cybercriminals who have vowed to attack more agriculture-based companies.
JBS reopened sooner because its servers were not affected by the attack. This points to the significance of having an effective backup in reducing downtime. Meat processors in Alberta should borrow a leaf from JBS and ensure they have effective backup technology.
An effective backup ensures you can recover any data that the criminals may compromise. In the JBS attack, the criminals had exfiltrated more than 5TB of data, some of which they had broken down into small portions and distributed to various locations. They had also encrypted some data to make it inaccessible to JBS.
Even after releasing the systems, you may learn that the quality and accuracy of your data was compromised during the unlawful manipulation by cybercriminals. Having an effective backup will help you recover uncompromised data faster to reduce your downtime.
Good Cybersecurity Hygiene
Having the most effective cybersecurity technology is significant in reducing the risk of attacks and minimizing the effect. However, this should be backed by equally good cybersecurity hygiene.
You may not be an IT expert and may not know the vulnerabilities that exist in your software. However, working with experienced and reliable IT professionals like 403 Tech will ensure you are using cyber-safe IT solutions.
While cybercriminals seem to have shifted from data harvesting strategies to hijacking systems and asking for ransoms to release them, businesses must seal all loopholes that the criminals might exploit. This included implementing cybersecurity policies and educating workers about them.
You should train your workers on cybersecurity vulnerabilities like phishing and social engineering. They should have the knowledge and the right attitudes concerning cybersecurity to keep the organization’s systems safe. Conducting Phishing drills may be an excellent way of testing the effectiveness of your human firewall.
Compliance with Cybersecurity Regulations
The rising number of cyberattacks has seen a rise in cybersecurity regulations across jurisdictions. While this is a good move by authorities, businesses should not take it as a panacea to cybersecurity.
Instead, they should take the regulations as the foundation, not the ceiling for implementing cybersecurity solutions. The fact that state and government entities are falling victim tells you that even government does not have the answers to the increasing cybersecurity threat. View regulation as your minimum standard and aim for more superior cybersecurity solutions.
Working With Reliable IT Experts
IT and cybersecurity solutions are complex. If you are not an IT specialist, you may not know which IT solution is effective, safe, and affordable for your organization. You may also not know the best cybersecurity solutions for your business.
The number of IT service providers charging exorbitantly but offering subpar services may overwhelm you. However, if you work with experienced, reliable, and affordable IT experts like 403 Tech, your business will have state-of-the-art IT solutions and cybersecurity technology.
At 403 Tech, we believe every business should have the best IT solutions regardless of their size or budget. We offer managed IT services for organizations in all industries and sizes.
We work with start-ups, small and medium-sized businesses to ensure they have effective IT services for uninterrupted operations, increased productivity, and sustained business growth. Call us today to schedule a free consultation.
Scott Gallupe of 403Tech Discusses Cybersecurity Threats in Business in Calgary Article
The COVID-19 pandemic sent businesses scrambling to pivot from an office-based environment to a remote workforce. A recent issue of Business in Calgary featured 403Tech President Scott Gallupe, who advised on how local businesses can protect their IT systems from cybersecurity threats. He explained that passwords and video collaboration tools are possible entryways for viruses and malware. The article, Alright, Stop, Collaborate and Listen, features several local IT leaders, describes the issues faced by business owners during the pandemic and provides guidance on ways to protect business data from ransomware and other types of cyberattacks.