In the heart of paradise, a digital threat lurks. Ransomware, a malicious software that encrypts your files and holds them hostage until you pay a ransom, has become a global epidemic, and Oahu is not immune. From small businesses to large enterprises, and even individual residents, anyone can fall victim. But what exactly is ransomware, how does it work, and most importantly, how can you protect yourself?

To gain a deeper understanding of the ransomware landscape on Oahu, I had the opportunity to interview a local cybersecurity expert. Their insights paint a concerning picture:

"Ransomware is a global problem, hitting 86% of businesses," the expert shared. "The largest problem we have here in Hawaii is that people don't like to feel shame. When they are hit with a cyber attack such as ransomware, they don't want anyone to know because they feel embarrassed or shameful for getting taken advantage of. Because of this shame they don't report the incident to law enforcement and the thieves go on committing more crimes with impunity."

This reluctance to report attacks allows cybercriminals to operate with little fear of repercussions, further exacerbating the problem. The expert also highlighted a second major concern:

"The second largest is that people don't realize the magnitude of the problem and leave themselves unprotected. Business owners don't invest in cybersecurity and cyber insurance, so when an attack does happen, they are left to pick up the pieces alone."

This lack of preparedness leaves individuals and businesses on Oahu particularly vulnerable to the devastating effects of ransomware.

The Anatomy of a Ransomware Attack

Ransomware attacks are often multi-pronged, employing a variety of tactics to infiltrate your systems. Let’s break down the typical stages of an attack:

1. Initial Infection:

   • Phishing emails: These deceptive emails often masquerade as legitimate correspondence, tricking you into clicking on malicious links or downloading infected attachments.

   • Exploit kits: These malicious tools scan for vulnerabilities in your software and exploit them to gain unauthorized access.

   • Drive-by downloads: Simply visiting a compromised website can trigger a malicious download without your knowledge.

2. Encryption:

   • Once the ransomware gains access, it swiftly encrypts your files, rendering them inaccessible.

3. Ransom Demand:

   • A ransom note appears on your screen, demanding payment (usually in cryptocurrency) in exchange for the decryption key.

Shattering the Myths: Confronting Common Misconceptions

Our cybersecurity expert sheds light on some of the most prevalent misconceptions that leave Oahu businesses vulnerable:

• "My business is too small to be attacked": The reality is that cybercriminals often target smaller businesses, believing them to be easier targets with weaker defenses. In fact, your business is not too small to be attacked, it's too small to make the news.

• "I don't have anything a hacker would want": Even seemingly mundane data can be valuable to hackers. Customer information, financial records, or even access to your network can be exploited.

• "Cybersecurity is too complicated and too expensive for my business": While cybersecurity can seem daunting, there are cost-effective solutions available, and the cost of an attack far outweighs the investment in prevention.

• "The business hasn't been attacked, so what we are doing must be working": A lack of attacks doesn't guarantee immunity. Cybercriminals are constantly evolving their tactics, and complacency can be a costly mistake.

These misconceptions create a false sense of security, leaving businesses unprepared for the devastating consequences of a ransomware attack.

The High Cost of Ransomware

The consequences of a ransomware attack extend far beyond the ransom payment itself.

• Downtime: Your business operations can grind to a halt, resulting in lost productivity and revenue. Recent CISA reports suggest that the average downtime from a ransomware attack is a staggering 15-20 days.

• Data loss: Even if you pay the ransom, there's no guarantee that you'll recover all your data.

• Reputation damage: Your customers and partners may lose trust in your ability to protect their data.

• Legal and financial repercussions: You may face fines or lawsuits for failing to adequately protect sensitive information. Regulatory repercussions such as fines under FTC Safeguards can top out at roughly $52,000/day.

The Power of Cyber Insurance

Our expert emphasizes the critical role of cyber insurance:

"Every business owner should have a separate cyber insurance policy, separate from any other policy. The Cyber insurance company will require the business owner to have some semblance of a cybersecurity program in place to protect the business, help it recover quickly in the event of an attack and to protect customer information therefore reducing liability on the business."

Cyber insurance not only provides financial assistance in the aftermath of an attack but also offers valuable guidance and resources to help businesses navigate the recovery process.

"Insurance not only helps to pay the bills when an attack occurs, but can often help to guide the business owner through an attack and recover much faster than without. And having cybersecurity in place will help to reduce premiums significantly."

Protecting Yourself: Proactive Measures for Oahu Businesses

Our expert outlines essential cybersecurity practices for Oahu businesses:

"Businesses should have an IT/cybersecurity person onsite or a cybersecurity focused IT vendor. Since IT and cybersecurity are two different disciplines, it is unlikely that a small business will have a budget for both, so hire it out."

They further recommend a minimum set of security measures:

1. Remote management and maintenance software

2. AI-infused security software

3. Cyber Insurance of at least $1M per incident, preferably $2M meeting the FTC Guidelines

4. Documentation of all systems (including mobile devices and work from home)

5. Logging on all systems and a central repository known as SIEM

6. Conduct Cybersecurity Risk Assessments (at least once a year, preferably 2 times per year)

7. Incident Response Plan

8. Encrypted backups

9. File Level encryption on all file storage locations

10. Conditional Access Policies and MFA using authenticator tokens

These proactive steps can significantly bolster your defenses against ransomware and other cyber threats.

The Role of IT Services and MSPs in Ransomware Protection on Oahu

Our cybersecurity expert underscores the crucial role that IT services providers and Managed Service Providers (MSPs) play in fortifying Oahu businesses against ransomware:

"MSP's and IT Service providers should be using a cybersecurity-focused stack to help manage risks associated with a business' systems. They should be providing patch management along with their services making sure that systems and hardware are kept up to date. Having 7-10 year old equipment is a risk as they are likely not being updated any longer and contain a lot of unpatched vulnerabilities as a result, vulnerabilities that a hacker could easily take advantage of."

Keeping software and hardware up-to-date is critical in closing vulnerabilities that cybercriminals exploit. Beyond that, our expert emphasizes the need for proactive, ongoing security measures:

"A security software that deploys ransomware canaries throughout the network to warn of suspicious activities associated with ransomware. IT providers should be employing a 24/7 SOC and conducting cybersecurity risk assessments along with quarterly auditing of users and file access as well as any SaaS (online) applications that users may have access to. MSP's should be conducting quarterly roundtable exercises to practice for a ransomware or other cyber attack so that the business is prepared when it does happen."

By partnering with an MSP that employs these robust security practices, businesses can gain a significant advantage in the fight against ransomware.

Real Estate Industry on Oahu: A Prime Target

The real estate sector on Oahu faces unique cybersecurity challenges, as our expert highlights:

"Real Estate agents are prime targets for a cyber attack. If you think about the last time you went to an open house, you probably saw a sheet of paper that collects names, addresses (possibly), phone numbers and email addresses, just sitting out in the open. An attacker could easily snap a picture of this form and have a place to start in attacking the people who visited the open house."

This simple example illustrates how seemingly innocuous practices can expose sensitive information. The expert continues:

"Agents also collect sensitive data from their clients, perhaps banking information, 401K and other sensitive information that an attacker would love to get their hands on. If they are using Google Drive or Dropbox to collect and share this information, not only are they putting their clients at risk, but they are exposing themselves to liability for not protecting the customer information."

The use of free cloud storage services for sensitive data can be a risky proposition, potentially leading to data breaches and legal consequences. The expert further points out the vulnerabilities of independent real estate agents:

"Also, many real estate agents are 1099 independent contractors so they are on their own to protect the data they collect and most of them are trying to save money by using free resources such as email (Gmail, Yahoo, Outlook.com, etc.) and file sharing applications (OneDrive, Google Drive and Dropbox) and thereby putting their clients and themselves in danger of being attacked and taking on unnecessary liabilities."

These insights underscore the urgent need for real estate professionals on Oahu to prioritize cybersecurity and adopt robust data protection measures.

What to Do When You Become a Victim

Even with the best defenses, a ransomware attack can still happen. When you fall victim:

1. Do not pay the ransom: There's no guarantee that paying will result in the recovery of your data, and it may even encourage further attacks.

2. Isolate the infected systems: Disconnect affected devices from the network to prevent the ransomware from spreading.

3. Report the attack: Contact law enforcement and your IT services provider or MSP and your cyber insurance company immediately.

4. Seek professional assistance: Contact your cyber insurance carrier. They likely already have digital forensics, data mining, breach coach and other experts for you to call and help you through the complexities of and recovery from an attack.

Cybersecurity is an Ongoing Journey

Ransomware is a serious threat, but with the right cybersecurity focused IT Team on Oahu and proactive measures, you can significantly reduce your risk. Remember, cybersecurity is an ongoing process, not a one-time event. Stay vigilant, educate yourself and your employees, and partner with trusted IT professionals on Oahu to safeguard your digital assets.

Don't wait until it's too late. Take the first step towards protecting your business and your customer's data today.

Schedule a free 15-minute IT Strategy Session with a cybersecurity-focused IT expert from Cyber Security Hawaii. Book your session now at https://strategy.cybersecurehawaii.com

Mahalo,
The Cyber Security Hawaii Team