Print Page | Contact Us | Sign In
SSA Blog
Blog Home All Blogs
We welcome your submissions to the SSA Blog. Please send blog posts to Christy Docauer at ssa@shareholderservices.org for review and consideration. Disclaimer: Information and/or comments to this blog is not intended as a substitute for legal advice.

 

Search all posts for:   

 

Top tags: unclaimed property  blockchain  cybersecurity  dematerialization  environment  medallion signature guarantee  virtual shareholder meetings  automation  crypto  dormancy triggers  DTC  DTCC  indication of owner interest  ransomware  SEC  T+1  transfer agents  U-STAMP  VDA  VSM 

Ransomware and Other Cybersecurity Threats Surge

Posted By SSA, Monday, January 24, 2022

Major ransomware attacks were big news in 2021. This form of cyberattack occurs when malicious software encrypts victims’ data with the offer to unlock it only after a ransom is paid – usually in the form of cryptocurrency.

In July 2021, hackers halted business at more than 1,500 companies by exploiting security vulnerabilities in Kaseya VSA remote monitoring and management software. Companies using the software were locked out of essential files for more than two weeks, virtually held captive by ransom demands for $70 million. Kaseya eventually was able to unlock the files without paying the ransom, but substantial damage was already done.

Even without paying the hefty ransom demands, companies that fall victim to ransomware attacks face downtime, mitigation costs and significant reputational harm.

While the $70 million Kaseya demand, along with a May 2021 ransomware shutdown of Colonial Pipeline’s largest fuel pipeline network, made big news, hackers don’t limit their attacks to large companies and demands for millions of dollars. Businesses of all sizes and individuals are at risk and falling victim every day.

Insurers have responded to these increased threats by increasing rates, imposing more stringent coverage limits. Companies that may have previously looked to insurance as a significant piece of their ransomware protection plan are finding insurance company pullbacks making that option less appealing.

Frequent training of all employees and vulnerability testing are two essential methods for protecting against ransomware and other attacks. However, the Kaseya attack reflects how much risk comes from outside sources – software providers and other parties with which companies exchange data.  

Companies have also found increased exposure as a result of the increasingly decentralized working environment brought about by the pandemic. As more people work remotely on networks and systems that aren’t as easily controlled and monitored as the standard-issue PCs and internal networks, cybersecurity threats abound.

Awareness of the most likely threats is the first step toward decreasing the risk of a catastrophic data breach. So, what are the biggest potential threats should shareholder services professionals know about, and what can they do to help minimize the risk?

During SSA’s Cybersecurity and Shareholder Services webinar on Feb. 3, 2022, John Meakin from EQ and Jonathan Klein from Broadridge will examine ransomware, issuer and transfer agent supply chain risk management, and new workplace challenges resulting from the pandemic. Register today.

Tags:  cybersecurity  ransomware 

PermalinkComments (0)