Doubling-down on ransomware protection

Joe Dysart

As the threat of ransomware has reached new heights in 2021, many lumber and building materials businesses are doubling-down on their defense against the scourge—making sure they’ve done everything they can to avoid becoming a victim.

“This year, we’ve already received 13 cyber claims—all of which were either the result of ransomware or spoof mail,” says John Smith, president and CEO of Pennsylvania Lumbermens Mutual Insurance Company.

Many owners of even the smallest lumber and building materials business realize they are prime targets for these hackers, who see small businesses as generally easy to penetrate, plunder and fool.


“Ransomware is most commonly known to spread through a malicious link via phishing email. And that’s probably where most perceive the risk,” Smith says. “But the web is the next most common way to spread ransomware. We Google everything and point-and-click away, not thinking much about the validity of the content until after we’ve already clicked.”

Indeed, successful ransomware attacks across the U.S. have proven so visceral this year that they’ve triggered an executive order from President Joe Biden—urging all U.S. businesses to get serious about ransomware protection. Biden’s order “calls for federal agencies to work more closely with the private sector to share information, strengthen cybersecurity practices, and deploy technologies that increase resilience against cyberattacks. It outlines innovative ways the government will drive to deliver security and software—using federal buying power to jumpstart the market and improve the products that all Americans use.”

During 2021 alone, businesses across the U.S. have been reeling from successful ransomware attacks, including attacks against SolarWinds, a commonly used IT management software program; the ransomware disruption of service on the Colonial Pipeline, the largest conduit of refined oil products in the U.S.; and the ransomware seizure of computer files of the Washington DC Metropolitan Police Department.

Still other ransomware takedowns include a takeover of computer files at Goliath meatpacking concern JBS Foods as well as at the National Basketball Association.

Granted, authorities have occasionally gotten lucky against ransomware hackers during 2021. Excellent cyber forensic work by the U.S. Department of Justice, for example, clawed back $2.3 in Bitcoin that the Colonial Pipeline paid to ransomware hackers to help get its computer network up-and-running again.

“Following the money remains one of the most basic, yet powerful tools we have. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement. We thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by Dark Side,” said Lisa O. Monaco, U.S. deputy attorney general.

Even so, hackers more often than not get away with their exploits, extorting hundreds of thousands of businesses across the globe each year—and disrupting the day-to-day operations of each. Overall, 37% of organizations across the world experienced some sort of ransomware attack between May 2020 and April 2021, according to a study from cybersecurity firm Sophos.

Based on that survey of 5,400 IT managers at mid-sized organizations across 30 countries, the study also found that the average ransom paid to recover data from a ransomware attack was $170,404.00. Not surprisingly, many of the criminals behind those successful ransomware attacks ignored promises to restore computer files once ransoms were paid, according to the study.

Specifically, on average, victimized organizations in the study that paid ransoms recovered only 65% of their data. And only 8% of organizations forking over money to hackers were able to retrieve all of their files, according to the Sophos study. Equally vexing for the victim organizations was the cost to day-to-day business. On average, the cost to recover from a successful ransomware attack on a mid-size business—taking into account downtime, lost wages, device cost, network cost, lost sales, and ransom paid—was $185 million.

Plus, hackers have increasingly exploited a new wrinkle in their ransomware schemes during the past year—threatening, and often making good on the threat, to publish sensitive data found in business files on the Dark Web if a victim business refuses to pay a ransom.

While news stories tend to focus on ransomware attacks on large corporations, LBM businesses are just as likely to be targeted by hackers. Plus, even at the smallest lumber and building materials business, a ransomware shutdown hurts, grinding its revenue stream to a halt and running the owner ragged trying to find a way to get computers up-and-running again.

That’s why it’s imperative to start putting together a plan to handle and mitigate ransomware and similar cybersecurity threats, which many believe should include comprehensive cybersecurity insurance.

Without such a plan, you’ll most likely be caught flat-footed, struggling to deal with a swirl of chaos that might force you to make quick decisions you’ll later regret.

“For example, our cyber security incident response plan empowers the head of IT and our cyber partner to shut down systems immediately if it is deemed necessary to contain or research a serious event such as a ransomware attack,” Smith said. “You often can’t think about those kinds of things in the moment.”

But perhaps most important in safeguarding your lumber and materials business against a hacker breach is ensuring your employees are brought up-to-speed on all the ways hackers are trying to trick them into clicking on links, revealing IDs and/or passwords, or otherwise providing access to the company network that can, and often does, result in devastation.

“The human factor is the most concerning to us when it comes to ransomware. Be sure you engage your entire company and build a cyber-aware culture. Have a plan in place to educate your staff on what to look for and how to report suspicious emails or links,” Smith said.

In the end, it appears the scourge of ransomware and similar cybersecurity threats is doomed to relentlessly play out as a never-ending game of cat-and-mouse. The idea is to be the cat—not the mouse.


Joe Dysart is an internet speaker and business consultant based in Manhattan.
