Cyber Criminals Now Have the Keys to Your "House"

Baker Donelson
Contact

Baker Donelson

On Tuesday, December 8 one of the nation's leading cyber defense vendors (FireEye) announced it suffered a recent cyber-attack from a "highly sophisticated threat actor, one whose discipline, operational security lead us to believe this was a state-sponsored attack." While cyber-attacks have been plaguing organizations for years, the threats have grown increasingly more sophisticated and the level of criminal operation is unprecedented. The Advanced Persistent Threat (APT) groups are focused on larger organizations, however many times their targets are not specific and they end up infiltrating even the smallest of organizations. Unfortunately even some of our smaller clients have suffered cyber attacks which can have devastating and long term consequences.

The FireEye cyber-attack is a signal to all organizations that delay of critical resources toward information technology infrastructure and planning can no longer wait. The FireEye event will shift the cyber-attacks into overdrive, and 2021 will end with numerous organizations not only suffering a cyber-attack, but potentially suffering an attack that will mean the termination of operations. All hope should not be lost. There are several actions organizations can take now to add a line of defense in an effort to reduce the risk facing all organizations:

  • Understand and practice the incident response plan (IRP) with disaster recovery and business continuity specifics. Have these documents downloaded to paper in case the systems are unavailable. Make sure the IRP has contact information on cyber coverage, internal incident response team members, and key outside vendor contacts, including outside counsel.
  • Ensure your IT security professionals are monitoring the specific countermeasures published and recommended by FireEye and other cyber firms. Staying on top of these issues and concerns is of critical importance. There are threats evolving every day and it is important to understand how the models are pivoting. The ransoms are no longer small or insignificant. The ransom demands have expanded significantly and are, many times, crafted with knowledge about the organization. In the past year the threat model has been enhanced to perform significant reconnaissance and exfiltration of information prior to unleashing the ransom. Once the organization's files are encrypted and the ransom note is released, it is too late – the damage has largely been done. This should be of grave concern to organizations with confidential information and trade secrets, personal information for customers or employees, and certainly for those who rely on systems for executing their business, whether it be supply chain, e-commerce, health care or technology. In other words, every organization, large or small, can be subject to a devastating cyber-attack.
  • Use this event as an opportunity to continue the risk discussion within your organization. Management should be gathering key department leads to understand the issues and develop a culture of risk management and planning. Operations leads should be key players with the management team and IT to develop a robust understanding and program.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Baker Donelson | Attorney Advertising

Written by:

Baker Donelson
Contact
more
less

Baker Donelson on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.