Earlier this month, organized threat actors broke into the systems of casino operators MGM Resorts and Caesars Entertainment.
In the case of MGM, their network was disrupted for several days with room keys, reservations, payments, and other systems affected by the infiltration. The company has also warned its credit card customers to watch for fraud. MGM customers have already hit back with two class-action suits alleging that the resort operator failed to protect their personal data. Meanwhile, Caesars reportedly paid a multimillion ransom to hacking groups after its systems were taken over by ransomware.
A sign of the times
The high-profile cyberattacks are a stark reminder of the rising threat faced by businesses of all sizes every single day. They also represent a new level of sophistication and refinement of social engineering techniques employed by the most successful groups.
Scattered Spider, one of the groups associated with the MGM and Caesars infiltrations, has reportedly initiated more than 50 attacks on businesses since March of 2022—including making false emergency calls requesting armed units to the homes of the executives of targeted companies.
The last few years have seen a marked rise in ransomware attacks, in which infiltrators seize control of their target’s networks and hold the data for ransom. Ransomware attacks are one of the most difficult to recover from.
What to do if you are a victim of ransomware
It is generally advised not to pay a ransom, because there is no guarantee that the decryption key will actually be provided or that it will work if it is provided. And even if they do provide the key and it works, you still will have to recover the data and make sure all your systems are updated to prevent a future attack. And finally, most ransomware attackers keep a copy of the data and could release it to the internet or the dark web even if you pay.
In the end, it is a business decision whether to pay or not, but having a plan in place will greatly increase your chances of successfully responding to a ransomware incident.
Like any businesses that relies on the internet for its day-to-day operations, self-storage operators of all sizes are not immune from such attacks. With a proactive and vigilant approach to cybersecurity, many attacks can be thwarted, or the damage mitigated. Follow the tips below to avoid falling victim to ransomware.
Protect your operation with PPT
When evaluating the health of your cyber security plan, it is important to mind your PPT: people, processes, and technology.
All three of these areas work together to ensure your network is as secure as possible. However, weakness in one area is all it takes for your cyber defenses to come crashing down.
People
Whether they are facility managers, executives, administrators, or customer service representatives—your staff is an essential part of blocking attempted breaches. They are also targets for security threats who will use a number of techniques to obtain the information they need to log in to their accounts and gain unauthorized access to your business systems. Training your employees to recognize such attempts is absolutely critical, and training should be provided at least once a year.
Access controls: Limit access to critical data to only those staff who need it to perform their job responsibilities. When too many people have access to critical data, it increases the risk that your data could be compromised. Not everyone should have administrative privileges. Limit it to staff that needs to perform admin functions.
Processes
In addition to making sure your people know how to spot CEO fraud or a spearphishing attempt when it happens, you want to make sure they know what to do next. Having an incident response plan that outlines procedures for dealing with cyber incidents ensures each is dealt with appropriately by your IT department or security vendor.
Also consider processes when it comes to overall security and data handling practices. Make sure you have a defined Business Continuity and Disaster Recovery (BCDR) plan that includes regular backups of critical data. It’s extremely important that you have all of your data backed up so you can restore in the event of a successful ransomware attack.
Make sure that your critical vendors – who provide your mission-critical operational software and data – are doing the same.
Technology
Having the right technology, and keeping it up-to-date, is another crucial part of your cybersecurity defenses. Carefully evaluate your vendors and their security practices. Enable two-factor authentication whenever possible to prevent log-in fraud.
Proper patch management: Ensure that your operating systems and all applications installed on those systems have automatic updates enabled so that vendor security patches are installed in a timely manner. Ransomware relies on vulnerabilities in software, so by applying patches and remediating those vulnerabilities, you reduce the likelihood of a successful attack.
Endpoint protection software: Endpoint protection software includes a variety of security applications that protect your “endpoints” such as servers and computers from malware, cyberattacks and other threats. Because endpoints connect to IT networks and servers, an unprotected endpoint can pose a significant security liability. If an endpoint is compromised, it can lead to unauthorized access of applications, data theft, ransomware or a shutdown of critical systems. Reputable endpoint protection providers in this space include Crowdstrike, FireEye, SentinelOne, Microsoft Defender for Endpoints.
Always keep your guard up
Recent high-profile cyberattacks serve as stark reminders of the escalating threat landscape faced by businesses. Just like physical security at your self-storage facility, you can never let your guard down when it comes to your network security.
With ransomware attacks on the rise, it’s crucial for self-storage operators and all businesses to proactively strengthen their cybersecurity defenses. By focusing on people, processes, and technology, including staff training, carefully managed access controls, incident response plans, regular data backups, and cutting-edge technology, companies can fortify their resilience against cyber threats and safeguard their operations.
