We hear about it in the news all too often. Ransomware hitting IaaS and PaaS platforms that in turn paralyze digital commerce businesses by stealing customer data. This type of event can have disastrous effects on your operations as well as customers' trust. But there are ways to protect your business.
Imagine if your webshop is unavailable for hours, days, or even weeks. What would that do to your sales, revenue and bottom line? And how would it affect your customers’ trust in your brand? What if all your customer data got stolen by attackers? The data that is the lifeblood of your business operations, and the core in building strong customer relationships through relevant communication, offers, and campaigns. Would you be willing to pay a ransom to get that data back? If so, how many times a year would you be willing to pay?
Don’t let these questions be an afterthought. Start securing your business now.
Cyber-attacks get smarter and hit harder
With the development of various AI tools, cyber-crime is getting smarter. Therefore, the risks to individuals, companies, and organizations have never been greater. According to Statista, the global average cost of a data breach is 4.45 million USD. The digital commerce sector is particularly hit by fraudsters. Research by Deloitte claims that 91% of e-commerce organizations reported at least one cyber incident over a year.
Recent cyber attacks indicate that cyber criminals are becoming more adept, evolving these actions into more advanced business models. What used to be the work of shady hackers looking for quick money can now be well organized projects with thought-through strategies and detailed action plans.
As an example, we’ve recently seen ransomware attacks where fraudsters have demanded a “customized” ransom amount based on what they believe an organization is capable of paying rather than a random, often high, ransom amount. This development suggests that the cyber criminals have researched their targets and calculated the likelihood of getting paid to maximize the revenues from each attack. One example of these smart cyber-attack models is the Akira ransomware.
What is Akira?
Akira is a new ransomware family that was first detected in March 2023. It is known for its double extortion tactics, a ransomware-as-a-service (RaaS) distribution model, and unique payment options. Akira is one of the fastest-growing ransomware families thanks to its highly experienced and skilled operators. The ransom demands typically range from 200,000 USD to over 4 million USD. According to reports, Akira operators provide victims the option to pay for either file decryption or data deletion; they don’t force victims into paying for both.
The Akira ransomware often targets organizations running a VPN (virtual private network) service without multi-factor authentication configured. Once the ransomware infects a system, it encrypts targeted files using a hybrid encryption algorithm. The Akira ransomware binary also has a feature that allows it to inhibit system recovery by deleting shadow copies from the affected system.
How to protect your digital commerce business
Protecting your business against cyber criminals is a never-ending task. It requires ongoing education, monitoring and improvement of your security efforts. You’ll never be 100% secure but you should do everything you can to increase the cost and effort it would take attackers to break in so that they hesitate to go after your organization. In short, don’t be an easy target.
Here are five ways to get started improving your protection. While these tips are valid for all types of organizations, they are particularly important for digital commerce businesses as an attack in this industry may put your very core operations at risk.
1. Enable multi-factor authentication (MFA) for VPN access
By enabling MFA, you can add an extra layer of security to your VPN access and reduce the risk of unauthorized access. Employees working from a home office may see this additional authorization step as a hassle and try to avoid it through work-around processes. So it’s important that you clearly communicate to the organization why the MFA process is critical for the security of your business operations.
2. Implement network segmentation
Network segmentation means dividing a network into smaller subnetworks to reduce the attack surface. By segmenting your network, you can limit the spread of ransomware in case of a breach. You may have heard about cyber attacks to a data center where only a fraction of customers was hit. That means the data center had network segmentation in place to limit the damage.
3. Keep your software up to date
Ensure that all your software, including operating systems, applications, and security solutions, are up to date with the latest patches and updates. This is not only a way to get access to the latest features and functions of the software you use. It will also help prevent attackers from exploiting known vulnerabilities.
If you use third-party services to manage your data, you need to keep a close dialogue with vendors to ensure they update software at their end as well. Remember that you are responsible for your data and need to keep track of security risks throughout the entire lifecycle.
4. Educate your employees
Train your employees on how to identify phishing emails, suspicious links, and attachments. This can help reduce the risk of social engineering attacks that can lead to ransomware infections. It’s important to note that security is not solely the responsibility of a small group of people in the IT department. Everyone in the organization needs to have knowledge and awareness of the threats and how to avoid becoming a victim.
5. Backup your data regularly
Regularly backing up your data can help you recover your files in case of a ransomware attack. Make sure that you have a solid plan, schedule, and clear ownership for backing up data. Plus, ensure that your backups are stored in a secure location that is not connected to your network. For your most sensitive data it might also be worth saving backups in a different format. This way you can move to another data center or leverage a redundancy system if your primary one is down or affected by an attack.
Remember, it’s your responsibility to backup your own data, you cannot rely on data center owners or system vendors to do this for you.