A recent survey performed by Cybereason found that 80% of organizations that fell victim to a ransomware attack and paid the ransom were attacked again. They also report that 68% of those that suffered a second attack were attacked within one month of the first attack – yikes! It doesn’t stop there. Apparently, once the cybercriminal gets their hooks into a sucker who has weak cyber defenses, they not only come back for more but they also demand a higher ransom amount.
The Cybereason study found that 73% of the organizations they surveyed had at least one ransomware attack in 2022. This number is up from 55% that they found in their 2021 study. There is no doubt about it – cybercrime is getting worst, the cybercriminal is getting more aggressive, and the cybercriminal’s capabilities are becoming more sophisticated.
Cybercriminals aren’t dumb. Just like you, they love repeat customers. And, once they find a customer that is especially easy to sell to then they keep going back for more. From the cybercriminal’s perspective, if your dealership has a weak cyber defense then you are the perfect target.
It’s easy for someone with the proper tools and expertise to quickly assess your dealership’s cybersecurity posture. You simply can’t hide a weak cyber defense from the cybercriminal. Then, once the cybercriminal gets a whiff of an easy target, they start coming. It’s almost like attracting bees to honey. In fact, you may end up with a line of cybercriminals waiting to take your money. It’s not uncommon for multiple threat groups to simultaneously attack the same organization.
So, what should you do? Well, if you’ve been attacked then make sure that you have a solid understanding of the root cause of the attack. This requires someone with cybersecurity and digital forensics expertise to determine how the cybercriminal penetrated your network and moved throughout your IT environment. You need this information to prevent the attack from happening again.
Additionally, improve your cybersecurity hygiene. Having good cybersecurity hygiene will address most of the vulnerabilities that result in a cybersecurity incident. These include things like not knowing what endpoints are connecting to your network, not detecting indications of an attack in the making, failing to expeditiously implement security patches, and having employees falling victim to phishing or social engineering attacks.
Lastly, the key to minimizing or even eliminating the impact of an attack is to continuously monitor your environment to identify indications of suspicious behavior and then stopping the attack in its infancy. This can only be achieved with continuous threat monitoring – 24x7x365.
If you’d like to know whether or not your dealership is an attractive target for the cybercriminal then then ask us about our complementary IT risk assessment. We’ll let you know where your vulnerabilities are and how you can address them in a practical manner.