Dr. Manjeet Rege teaches a Graduate Software Engineering Class in O'Shaughnessy Science Hall on February 26, 2015.

Outside Consultant: What Steps Should Business Leaders Take to Counter Ransomware and Other Cyberattacks?

This "Outside Consultant" column by Manjeet Rege, professor and chair of the University of St. Thomas' Graduate Programs in Software and director of the Center for Applied AI, ran in the Star Tribune on March 21, 2022.

Technology is the brain behind the success of most companies, organizations and countries. Often, people in the technology space spend a huge amount of money protecting their networks, systems and data; cyberattacks have become rampant. Just as other great advancements have been chalked in the IT space over the years, cyberattacks also have been changing forms and developing new ways of breaking through computer systems and networks. Cyberattacks can affect various aspects of an organization’s day-to-day activities and can be perpetuated by an organization or by a private individual for varied reasons.

Recently, high levels of cyberattacks have threatened organizations around the world. Last year, Brazil’s JBS, the world’s largest meat processor, had its operations in the U.S., Australia and Canada halted because of a cyberattack targeting the company’s supply chain. This caused massive food price inflation in the countries it mostly supplies its products to. To stop this from further hampering their operations, a ransom of $11 million was paid to the group involved in this attack.

The major problem of tracking and finding persons involved in these attacks has been the emergence of cryptocurrencies. Cryptocurrencies have fueled a wave of ransomware attacks of approximately $1.4 billion in the U.S. alone. This is because bitcoin and other cryptocurrencies are difficult to trace. Even though not impossible, they offer a level of anonymity, and can be used across borders and countries with ease. This has made criminals feel safe asking for ransoms using that mode of payment and inviting others into the space.

Cyberattacks can primarily be stopped aside the control of the cryptocurrencies by always training your staff (including the nontech staff) on security measures and always keeping them updated with new types of attacks. In addition, it is very important to always update the organization’s systems and perform regular backups of essential data. One critical way is also collaborating with other organizations on security measures, especially those who have fallen prey to these cyberattacks. Information sharing is key since technology is constantly improving, including the methods of attacks. Keeping abreast of the latest information on minimizing such attacks goes a long way to help eventually prevent such attacks. 

Manjeet Rege, PhD, is professor and chair of the Graduate Programs in Software and director of the Center for Applied AI at the University of St. Thomas. He’s also host of the “All Things Data” podcast.