Ransomware: Does Your Company Have a Defense Strategy?

News last month that hackers have stolen confidential plans for upcoming Apple products, from an external supplier, provides a timely reminder of the growing threat of ransomware attacks – and how they can hit at any point of a corporate supply chain. In an increasingly globalized and digitized market, cybersecurity considerations must be extended beyond a business’s four walls, as BIG Language Solutions’ Luis de la Vega explains.

Ransomware poses a threat to all businesses that hold and communicate their data online. Like most forms of cyberattacks, this threat is always evolving. This can make it difficult for organizations, including major tech giants, to effectively police and control access to sensitive data and confidential documents. According to cybersecurity specialist PurpleSec, ransomware attacks are estimated to cost USD 6 trillion annually by 2021 with the average cost per business per year more than USD 75 billion. Its research also reveals that a new organization will fall victim to ransomware every 11 seconds by 2021, making ransomware defense strategies a core priority for IT and security departments.

Cybercriminals have a knack for finding the weakest link in the data communication or data storage chain. As with the recent Apple incident, where the company’s products were targeted via its manufacturer Quanta Computer in Taiwan, this weak spot can often be found in the systems and security protocols used by trusted external partners and suppliers.

Any business that uses vendors or contractors needs to consider cybersecurity across the complete lifecycle of data and documents, therefore. This should include everything from the systems used to share data and documents to the devices on which they access, process, and store the work. Yet, many companies do not know how their data or documents are being processed, let alone whether – or even how – their internal security protocols are being followed outside their business’s own four walls.

What is ransomware?

 

Ransomware describes a type of malicious software (malware) that hijacks a company or individual’s data and threatens to block access to it unless a ransom is paid. It is often the result of a virus that an employee or private individual is tricked into downloading (e.g., via email attachment) that encrypts their computer files, locking them until payment is received for the decryption key. 

While the amount of ransom demanded can vary, the attacks can be crippling for companies and individuals. In 2020, high-profile ransomware attacks hit everyone from private individuals to global banks, e-commerce giants, government organizations, and hospitals, and vast sums are at stake. According to ransomware incident response firm Coveware, the average payment for a ransomware attack was USD 178,000 by mid-2020.

Coveware’s research also found that small- and medium-sized professional firms are one of the biggest targets for ransomware attacks, with more than 70% of ransomware incidents in the US reported by companies with fewer than 1,000 employees in Q3 of 2020. Such companies are particularly at risk as they tend not to have large IT teams, may not have disaster recovery protocols in place for important data, or even believe that they are at risk in the first place.

Understanding the links in the security chain

 

Part of this is due to time pressure, of course. As businesses have expanded globally, we have seen increased commoditization of once internal business processes, where tasks have been split up, packaged or bundled up, and then outsourced to suppliers. Today, business process outsourcing includes everything from lower-cost manufacturers in Asia to Language Service Providers (LSPs).

While cost and speed may once have been the biggest drivers for outsourcing, quality and security have now also risen in importance – and rightly so. In the context of cybersecurity, any supplier that touches sensitive and confidential data may now pose businesses a threat. In our industry, for example, that could include a linguist inadvertently exposing sensitive documents by choosing to work from an internet cafe, losing their laptop, or emailing confidential files using a personal account.

It should go without saying, that businesses need to work with vendors that have robust security protocols in place to control data communication and collaboration. One way to achieve this is to extend the cybersecurity standards and protocols that are followed internally to their external vendors. This should include measures relating to firewalls, data and document retention, disaster recovery, and password control, for example. From a ransomware and malware perspective, antivirus software and data back-ups are also critical, including threats specific to common attack vectors.

Alternatively, companies should look to work with vendors that have built security protocols into the very core of their business. Only then will they be able to provide a fully secure system for managing sensitive and confidential data that guarantees the security and retention of all documents, end to end, during the outsourcing process.

Share this post

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Email

Don’t Stop Here

More To Explore

  • All
  • Case Studies
  • Consumer Goods & Retail
  • Education & eLearning
  • Entertainment
  • Events & Hospitality
  • Financial Services
  • Government & Defense
  • Healthcare
  • Insights
  • Insurance
  • Interpretation
  • Legal
  • Manufacturing
  • Market Research
  • Marketing & PR
  • Miscellaneous
  • Multimedia
  • News
  • Security
  • Translation
  • Travel
All
  • All
  • Case Studies
  • Consumer Goods & Retail
  • Education & eLearning
  • Entertainment
  • Events & Hospitality
  • Financial Services
  • Government & Defense
  • Healthcare
  • Insights
  • Insurance
  • Interpretation
  • Legal
  • Manufacturing
  • Market Research
  • Marketing & PR
  • Miscellaneous
  • Multimedia
  • News
  • Security
  • Translation
  • Travel

Why Technical Translations are Crucial to the Manufacturing Industry

All industries struggle with language barriers and translations in this increasingly globalized economy. However, some industries have it worse than others. The manufacturing industry is …

Read More →

508 Compliance for Translated eLearning Documents

Translation and localization expertise is essential for organizations to communicate effectively in foreign markets with distinct cultures. Across all cultures, moreover, hearing- and vision-impaired individuals …

Read More →
Technical Translation

The Value of Expert Technical Translations and Why It Matters To You

Since the Covid-19 pandemic hit in early 2020 – effectively shutting down many traditional brick and mortar stores – a significant portion of buying and …

Read More →
Translation Memories

Getting to Market Quicker with Translation Memories

If you want your business to expand globally ‘translation’ and ‘localization’ are terms you will become very familiar with. Whether you’re a software development company, …

Read More →

eLearning Localization: Technical Challenges That Go Beyond Language

Accurate translation and cultural appropriateness are clear objectives when attempting to localize your international eLearning content.  But your challenges don’t end there: you also face …

Read More →
Cultural Nuances

Why Cultural Nuance is Fundamental to Translation

The world today has never been more connected. Once the current pandemic has sufficiently eased, we’ll be able to travel the world again. Want to …

Read More →

got a question? send us a message.

send us your info, and we'll get in touch asap! 

no thanks, take me back to your site

ready to learn about transforming your business?

no thanks, take me back to your site

SIgn up to learn how we slashed costs for a major credit card company