[Stay on top of transportation news: .]
How Fleets Can Double Down on Ransomware Protection
With the threat of ransomware reaching new heights in 2021, many trucking and logistics companies are doubling down on their defenses against the scourge to make sure they鈥檝e done everything they can to avoid becoming its next victim.
鈥淩ansomware is at the top of the IT team鈥檚 challenges 鈥 between trying to use technology to protect against attacks and the never-ending task of educating end users what to watch for,鈥 said Dan Brewer, vice president of information technology at Wilson Logistics.
Indeed, successful ransomware attacks on key infrastructure and supply lines in the United States have proven so visceral this year that they鈥檝e triggered an executive order from President Joe Biden nudging all U.S. businesses to get serious about ransomware protection.
Dysart
One trucking company that has experienced the impact of ransomware firsthand is Titan Transfer, which has been hacked twice during the past year, resulting in 鈥渢otal disruption鈥 of Titan鈥檚 day-to-day operations, according to Tommy Hodges, the company鈥檚 chairman.
鈥淚 think the web has created an environment where the criminal mind can run free, and anyone or any business 鈥 and that鈥檚 basically all of us 鈥 is vulnerable to attacks and subject to data loss or ransomware,鈥 he said.
Titan was luckier than most. It was able to rebuild its files in four days, Hodges said. But those four days without computers were a nightmare.
鈥淭hat鈥檚 four days of running trucks in the dark like we did back in the 鈥70s and into the 鈥80s,鈥 he said. 鈥淵ou can鈥檛 identify them, you can鈥檛 find them, and you and the FBI can鈥檛 catch them. So you have to admit that it is out there and spend the necessary resources to protect your own operation as best you can.鈥
During 2021 alone, businesses across the U.S. have been reeling from successful ransomware attacks, including attacks against IT management software developer SolarWinds and the disruption of service on the Colonial Pipeline, the largest conduit of refined oil products in the United States.
Granted, authorities have occasionally gotten lucky against ransomware hackers this year. Excellent cyberforensic work by the U.S. Department of Justice, for example, clawed back $2.3 million in bitcoin that Colonial Pipeline paid to ransomware hackers to help get its computer network up and running again.
Nonetheless, hackers more often than not get away with their exploits as they attempt to extort tens of thousands of businesses across the globe each year.
Overall, 37% of organizations across the globe have experienced some sort of ransomware attack between May 2020 and April 2021, according to a study by cybersecurity firm Sophos. Based on that survey of 5,400 IT managers at midsize organizations across 30 countries, the study also found that the average ransom paid to recover data from these attacks was $170,404.
Q3 iTECH Stories
鈻Rise of the Smart Trailer
鈻Vendors Prep for E-Logs in Canada
鈻Fleets Find Ways to Harness Trailer Tracking Data
鈻Dysart: How Fleets Can Double听Down on Ransomware Protection
鈻Clevenger: iTECH Has a New Look With a Familiar Feel
Criminals behind successful ransomware attacks often break promises to restore files once ransoms were paid, the Sophos study found. On average, victimized organizations in the study that paid ransoms only got back 65% of their data, and only 8% of organizations forking over money to the extorters were able to retrieve all of their files, according to the study.
Many fleets have gotten the message that to guard against ransomware, they should at least be keeping multiple backups of their data, including at least one full backup of data that remains disconnected from the internet at all times. That tactic could frustrate hackers鈥 attempts to infect your system鈥檚 backup data at the same time they are penetrating your computer network.
鈥淚mmutable and/or offline backups are 颅becoming critical,鈥 said Tom Baughman, executive vice president of technology at Kenan Advantage Group. 鈥淎ttackers know that backups are a company鈥檚 primary recovery tool in the event of widespread file encryption or corruption and are working very hard to avoid detection and infect all the backups within a company鈥檚 normal recovery window or rotation.鈥
Ray LaPrade, vice president of informational technology at CalArk International, agreed.
鈥淭he best approach for a successful disaster recovery plan is to have multiple backups in multiple locations 鈥 don鈥檛 rely on a single backup set in a single location,鈥 he said.
Wilson Logistics鈥 Brewer added: 鈥淚t鈥檚 also necessary to keep several generations of backups in the event there is time-delay malware [embedded] in the backups.鈥
Of course, ensuring your data has multiple backups is only one component of a comprehensive plan to thwart hackers.
鈥淲hile it is important to have backups, there鈥檚 no single magic bullet to combat ransomware, so a combination of protections is required,鈥 said Jane Jazrawy, CEO of CarriersEdge.
鈥淭his approach is referred to as a 鈥楽wiss cheese model鈥 鈥 the analogy being that you have to apply layers of protection on top of each other to cover the holes in the layers underneath,鈥 she said. 鈥淥nly when all holes are covered do you have sufficient protection.鈥
Even companies taking significant cybersecurity measures can still be vulnerable, though.
鈥淧rior to last year, I really thought that it would never happen to us,鈥 Titan鈥檚 Hodges said. 鈥淚 figured there were a lot of other fish in the pond.鈥
Prior to the first time Titan Transfer was hit with a ransomware attack, the company was using one of the nation鈥檚 premier data backup services, he said.
鈥淭he hackers managed to infiltrate their security through one of only four email 颅addresses that had access to the backup platform,鈥 Hodges said. 鈥淎fter our second attack, we built out a secondary server system so that we are continuously backed up and the most data we could lose would be a few hours. We developed a system to back this data up without being connected to our host server.鈥
Fortunately, cybersecurity experts have been busy strengthening software that is specifically designed to thwart ransomware attacks.
Here鈥檚 a representative sampling of that software, all highly rated and all available at entry-颅level prices.
- Bitdefender Antivirus Plus: A player in the anti-ransomware space for a number of years now, Bitdefender Plus offers many layers of anti-ransomware protection along with many other security features. The software is designed to eliminate known ransomware on the spot. It will also watch for unex颅pected behaviors on your network that indicate ransomware activity, such as a sudden, wholesale change in the names of files. Bitdefender backs up all your files at the first whiff of what it determines may be a ransomware attack beginning to deploy, and then restores the files after the attack has been fully neutralized.
- ZoneAlarm by Checkpoint: This is another highly rated anti-ransomware package that 颅erases all vestiges of ransomware on your computer system once detected. It also embeds 鈥渂ait鈥 files on your computer or network that are designed to lure ransomware into encrypting those files first 鈥 setting off alarms and enabling ZoneAlarm to neutralize the attack before it spreads to actual company files.
- Kaspersky Security Cloud: Kaspersky is designed to protect against two types of ransomware: one, which encrypts your files, making them unusable to you; and two, ransomware that encrypts your entire hard disk, making the entire computing device unusable. Kaspersky can also neutralize ransomware that locks up your computer screen and it offers monitoring and auto-颅neutralization of typical ransomware behaviors, such as the wholesale renaming of files and/or file extensions.
- Sophos 91视频 Premium: This program is a light version of a more robust anti-颅ransomware package that Sophos offers to enterprise-level businesses. Sophos is designed to plug known security holes in commonly used software. It could do the trick for a small trucking business that decides enterprise-颅level protection is not necessary, especially since this light version enables you to remotely safeguard software on up to 10 remote computers.
- NeuShield Data Sentinel: NeuShield is the only candidate in this pack that does not offer ransomware protection. Instead, NeuShield is an 鈥渁fter-the-fact鈥 ransomware product, which offers one-click restoration of files encrypted by ransomware 鈥 if possible. Users install NeuShield on their computers before an attack occurs. That enables NeuShield to 鈥榲irtualize鈥 any changes to the files on your system. Theoretically, virtualized files cannot be corrupted by a ransomware attack, given that they are not fully operational files.
Joe Dysart is an internet speaker and business consultant based in Manhattan. Voice: (631) 438-1142. Email: joe@dysartnewsfeatures.com. Web: .
听
