That fateful click installs ransomware that locks the user’s workstation and crawls areas of the network the user has access to. It hits the first jackpot — the payroll folder on the network — and from there, continues to lock down servers and workstations, and collect a treasure trove of personal and proprietary information along the way.
Finally, a message flashes on the user’s screen: “Your device is locked, go here to unlock it.”
The news isn’t good. Cybercriminals are demanding $600,000 to unlock your network. Where did they get that number? The criminals did their research. They learned the size of your operating fund and chose an amount that won’t break your organization but will still be painful.
Join Scott, Christina, and their and their colleague Rachel Sweeney for a FREE webinar called Prepare Now! Protect Your Nonprofit by Managing Risk.
Noon–1 p.m. (ET)
“[N]onprofits aren’t immune from cybercrime, and when you consider the financial and cultural cost of a breach, the proverbial ounce of prevention can help prepare and protect your organization.”
Ransomware and other malware can be a serious form of business disruption that literally takes over an organization and its operations. Some nonprofits believe they’re too small to be a target for cybercrime. Others think the risk of a breach is so remote they give it a low priority on the IT budget. But nonprofits aren’t immune from cybercrime, and when you consider the financial and cultural cost of a breach, the proverbial ounce of prevention can help prepare and protect your organization.
Cyber risk prevention starts with a risk assessment designed to help you understand the threats and vulnerabilities that may lead to a cyberattack. In addition to your systems, it assesses your users’ knowledge of potential threats — not just phishing emails but also other types of attacks that can occur via phone calls, access to unattended workstations, or unauthorized devices plugged into the network.
The risk assessment answers the following questions:
These could include:
Is it on a vendor’s system, an in-house server, or on staff members’ workstations? If data is held by a vendor, do you have the right to get your data out of their system? Do you have the ability to keep offline backup copies of your data during the contract’s tenure?
If your data is on a vendor’s system, what are they doing to protect the information? Oftentimes, this will require a review of the vendor contract to evaluate what controls are in place and where they could be enhanced to protect against cyberattacks and other unauthorized access.
The plan should include detailed steps to be followed in the event of a breach. Do vendor agreements include a clause requiring notification if there’s been a breach or ransomware attack at their location?
Another component of a ransomware attack is the threat to leak information out to the public or other bad actors. Do you have the right vendors in place to help in this scenario? This could include a pre-contracted forensics group and appropriate contacts for local law enforcement and the FBI local field office.
“Tabletop exercises help your team practice and become familiar with their roles and responsibilities for responding to a cyber event.”
Be sure to also conduct a tabletop exercise with all appropriate staff or vendors that will be involved with a cyber event. Tabletop exercises help your team practice and become familiar with their roles and responsibilities for responding to a cyber event.
The plan should answer these questions:
When organizations understand the potential implications of a cyberattack, they discover the investment in cybersecurity is no longer optional. Prevention now can avoid substantial human and financial costs later.