Ransomware is Only Going to Get Worse
This morning, the following press advisory crossed my desk. Since all of us are involved in media in some way, the recent ransomware attacks on Sinclair Broadcast Group remind us that no one is immune. Nor, for that matter, is anyone too small.
This was written by the PR team at Dorsey & Whitney, LLP.
Robert Cattanach is a partner at the international law firm Dorsey & Whitney who has been advising companies on how to handle ransomware attacks as he believes they’re only going to increase–the Sinclair attack this week he says is proof of this. Cattanach previously worked as a trial attorney for the United States Department of Justice and was also special counsel to the Secretary of the Navy. Today he is an expert on cybersecurity and data breaches, ransomware attacks, privacy and telecommunications, and international regulatory compliance. He shares some advice for companies on what they can do to prepare for this kind of attack in light of the news about Sinclair this week.
“The onslaught of ransomware attacks continues virtually unabated (notwithstanding President Biden’s admonishments to President Putin, which may or may not have paused the scourge briefly). Many ransomware events pass unnoticed, as the hacked entity sees no upside to making the vulnerability pubic, and the reputational damage remains significant. So what can we learn from the Sinclair attack?” Cattanach says.
- “Criminal enterprises will remain huge threats to US companies for the foreseeable future, and no target is safe. This means you. And you, and you, and you,” Cattanach says.
- “Practice, practice, practice. By all public accounts, Sinclair appears to have been completely unprepared for this contingency. No out of channel backups for the chain of command – such as simple and cheap burner phones – and apparently no contingency plans for when, not if, systems are encrypted. Reporters and news rooms were left to manage on their own. Some companies can muddle through, but if your commercial currency depends on reliable access to systems, you need to spend the time and money necessary to have a backup plan,” Cattanach says.
- “The hackers hold all the cards. Even if Sinclair restores through backup – which itself carries risks of re-infection – it may still face the Hobson’s choice of sensitive information being dumped on the dark web if it refuses to pay the ransom. If the personal information of California residents is determined to have been exfiltrated, or potentially even accessed, there will be a class-action stampede to the courthouse,” Cattanach says.
- “Messaging within the first 24-48 hours is critical; but risky. Underplay the impact and you immediately lose credibility. Admitting you don’t know gets the same result. Overestimating tanks your stock. Typically, forensic investigations take several days, or even weeks, to determine the extent and cause. You can’t figure this stuff out on the fly,” Cattanach says.
- “All of which is to say you need a plan, developed by actual stakeholders, not their minions, and a process to assemble the key decision makers at least virtually, craft the content and cadence of your messaging, and make the best decisions you can with incomplete and likely conflicting information (the fog of breach),” Cattanach says.
“If any good can come of this, it will be in the lessons learned for Sinclair and the targets about to find out the hard way,” Cattanach says.
Another key takeaway – aside from thinking that you are too small to be a target – is to be sure you have backups that are NOT attached to the Internet or your internal network that can be accessed in the event your main systems go offline.
NEW & Updated!
Edit smarter with Larry’s latest training, all available in our store.
Access over 1,900 on-demand video editing courses. Become a member of our Video Training Library today!
Subscribe to Larry's FREE weekly newsletter and save 10%
on your first purchase.