Paying the Price for Security

And the ransomware attacks just keep on coming.

Add Fortune 500 company Accenture to the ongoing list of major companies that have been victimized and compromised in recent months. The Dublin, Ireland-based global cyber consulting firm was breached last week by a threat actor using a strain of ransomware known as LockBit.

Reports indicate that the hackers, known as LockBit 2.0, demanded $50 million in exchange for the more than 6TB of Accenture’s data they stole.

A threatening message by the hackers on the day of the attack on August 11 showed just what their intentions were if their demand was not met, while at the same time pointing out Accenture’s lack of security in preventing the cyberattack.

“These people are beyond privacy and security,” the message read on their website. “I really hope that their services are better than what I saw as an insider. If you’re interested in buying some databases reach us.”

While there has been no proof of whether the ransom demand was met, or if Accenture’s private data was actually leaked, the company claimed to have things under control when it issued a statement on the day of the hack, stating that "Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from backup, and there was no impact on Accenture's operations or on our clients' systems."

Whether or not this was an “insider job,” as some reports indicated, executing a ransomware attack on a company valued at more than $44 billion is downright scary, don’t you think?

This wave of ransomware attacks has spread across the United States and across the Atlantic at a frenetic pace.

Want proof? According to data presented by Atlas VPN earlier this week, ransomware attacks are up 151 percent in the first half of 2021, compared to the same time in 2020.

The report also shows that in the first half of 2020, there were a total of 121.4 million ransomware attacks across the world. Already, the first half of 2021 has reached 304.7 million ransomware attack attempts, making it the worst year ever recorded.

To no one’s surprise, the United States is a prime target for most hackers, as the country has experienced 227.3 million ransomware attack attempts thus far in 2021, according to the Atlas VPN report. Ranked second on the list of targeted countries is the United Kingdom with 14.6 million ransomware attacks attempted so far this year.

The numbers don’t lie, folks. Ransomware attacks can affect companies from mom-and-pop shops all the way to corporate giants, as we just saw with Accenture.

I’ll just run down some of the company names as a refresher, although I’m sure you read our stories and our blogs on all matters cyber. SolarWinds. Colonial Pipeline. JBS USA. Microsoft. Kaseya. And now Accenture.

And of course, the million-dollar question always arises – What can be done to quell or stop this slew of ransomware attacks that cripple our critical infrastructure, breach personal and company data, and force companies to suspend or halt their day-to-day business operations?

We wish the answer was a simple one, but it most definitely is not.

When we spoke recently with Sam May, CISSP, Senior Compliance Advisor, Steel Root, about the rash of ransomware attacks, he explained how vulnerabilities play an important role in executing a ransomware attack.

“There are computers out there that are constantly scanning every IP address and every space on the Internet looking for vulnerabilities,” he told us. “As they find that vulnerability, it gets passed to another bucket of computers that then tries to exploit that vulnerability. It eventually gets to a point where they identify a system that has an exploitable and penetrable vulnerability to it, and then they make a determination as to whether this is going to be prosecuted or not, whether there is potential revenue behind it.

“When it comes to ransomware, it’s so easy to implement. It’s so easy to send someone a file or a link that’s been compromised or has a payload built into it.” 

It’s so easy. Those three words alone are a clear reminder that these ransomware attacks are not going away anytime soon. No company is immune to these threats, even a consulting firm like Accenture that, according to its website, “works to increase resilience against cyber threats” for other companies, but could not prevent itself from becoming the latest cyber victim.

As a result, companies will continue to pay the price, in more ways than one.
