# Opener

Ransomware Manager: 2020’s Highest Paying Cyber “Job”

Published by Axio

The first half of 2020 was filled with uncertainty and change. Companies had to re-evaluate the way they do business and had to adapt fast. We previously wrote about all the changes COVID-19 has brought and how to “Prioritize Cybersecurity During Uncertain Times.”

Ransomware Advancing to the Next Level

As we are heading into the second half of 2020, SDxCentral informs that “SonicWall’s mid-year threat report found a 20% (121.4 million attacks) jump in ransomware globally in the first half of 2020 compared to mid-year 2019.” Ransomware has become more advanced and attacks are increasing as fast as COVID rates are. SDxCentral wrote that SonicWall CEO Bill Conner is comparing these ransomware attacks to “rifles, they’re not doing shotgun blasts, and they’re getting much smarter.”

Many companies can fall victim, including fitness tech company, Garmin who was a recent victim of ransomware. The company paid millions of dollars to recover their files. Those behind Maze ransomware has also targeted LG and Xerox. They first exfiltrate sensitive information to use as leverage if a company does not pay to decrypt data.

Likewise, travel giant, CWT also fell victim leading to a ransom payment of $4.5 million. CWT’s incident was an interesting one that gave insight on how these incidents play out. Originally the ransom was set at $10 million in bitcoins, but the professional services team hired by CWT was able to lower it to $4.5M. In addition to giving the data back, these adversaries gave bonus tips on how to avoid these events in the future including:

The screenshots of this transaction were posted on Jack Stubb’s Twitter feed showing just how it unfolded. No one is safe against these adversaries and securing your company is now about survival.

COVID-19 Leaving Companies More Vulnerable Than Ever

It’s evident that these adversaries are taking advantage of human vulnerabilities during this unprecedented time. The SDxCentral article also mentions how “COVID-19 expands the attack surface” since now employees may be using their personal devices as they work from home which presents another way for adversaries to gain access. In a recent Dark Reading Virtual Event: Doing More IT with Less, Axio’s Chief Product Officer and other industry leaders discuss these cyber risk changes in this post-COVID world. Fred Kwong, another panelist who is the CISO of Delta Dental Plan Association, mentioned that he saw increases in fishing campaigns, impersonation attempts and DDOS attempts as they moved to working from home.

Understand and Secure Your Cyber Risk Program

Dale mentions in the panel that organizations can’t afford to just continuously add on controls especially when COVID has led to a squeeze in budget. Organizations need to “understand the value in dollar terms in what the pieces of your security stack are defending and what they’re providing…” With so many changes to the way a company functions it may be a good time for companies to take a new assessment to address the changes in the risks they face and their current cyber posture.

The Axio360 platform empowers organizations to engage in continuous assessments as their organizations face new obstacles. COVID-19 had an immense impact on business, this is a type of event that can increase risk exposure. Learn more about the Axio360 platform and how you can assess your current cyber risk management state.