Friday, December 2, 2022

Ransomware’s Social Impact and ESG Disclosure: Implications


The year 2022 started with ransomware attacks on global IT providers and digital transformation providers. This was no fault of the LAPSUS$ ransomware gang. Ransomware has often been discussed only in relation to the affected organisations. This is correct, because victimized companies often suffer severe disruptions to their operations. In 2020, the US Federal Bureau of Investigation received 3,729 ransomware-related complaints. Ransomware attacks recently caused a Danish company to close all 175 of its stores. 81% of organizations worldwide are highly concerned about ransomware attacks.

The most recent Sophos report showed that “66% of organizations were hit by ransomware in the last year, a 78% increase over the previous year”. Of these organizations, 90% experienced operational disruption, while 86% suffered revenue and business losses. The number of ransomware variants nearly doubled between the first quarter of 2021 and the first quarter of 2022. The popularization of Ransomware-as-a-Service (RaaS) and the willingness of affected organizations to pay are some of the drivers of increased ransomware attacks.

Ransomware has received little attention from the public. This limitation is being replaced by increased scrutiny over how organizations deal with environmental, social and governance (ESG) issues. ESG involves incorporating environmental and social policies and practices in corporate decisions and processes to identify and mitigate risk factors that could jeopardize an organization’s ability to remain operational and sustainable. ESG risks aren’t just important for investors. Governments also demand that ESG disclosures be made by organizations before making investment decisions. The Securities and Exchange Commission is empowered by the US ESG Disclosure Simplification Act of 2020 to set standards for ESG disclosure. In the European Union, ESG disclosure requirements have been established by the ESG Disclosure Committee. Asset managers are required to adhere to these disclosures in reporting.

Ransomware, an ESG Scope

Ransomware attacks and cyber threats pose a threat to the environment, governance and social well-being of organizations. Ransomware attacks on an environmental system can have serious consequences for environmental, governance, and social systems. Ransomware attacks on environmental groups have recently disrupted their operations, as in the case of Enthalpy Analytical, a laboratory network responsible for testing environmental pollutants and ensuring that quality soil, water, or air services are delivered. The Weather Channel was hit with ransomware during severe weather broadcasts in 2019. This directly affected thousands of viewers who relied upon the channel to provide information for their logistics and transportation plans. Ransomware is not only a security concern; it also affects areas that are relevant to ESG.

Ransomware has a social impact 

The social pillar in ESG is primarily concerned with an organization’s stance on social issues and how its position affects internal and external stakeholders. Customer data protection is an integral part of any organization’s social responsibility. Successful ransomware attacks have an immediate impact on the general public. They can disrupt lives and cause havoc to the health of the population. Ransomware and other cyber threats have been shown to have psychological and social impacts on the general public.

According to a Kroll report, healthcare topped the list as the most targeted sector for the second quarter of 2022. Ransomware attacks rose by 90% in the same period compared with the first quarter of 2021. The 2017 WannaCry ransomware attack against the UK’s National Health Service resulted in widespread disruption and psychological effects for many. The impact of operational disruption on patient care delivery and other vital functions is also felt. There is also evidence that ransomware is linked to higher death rates. Ransomware is not only a cause of increased mortality rates; it has also led to a rise in mental health problems among cybersecurity professionals. Aside from the obvious consequences, including a lack of confidence, ransomware also has a significant impact on mental health. Among cybersecurity professionals in impacted companies, 51% reported taking prescription medication to manage their mental health, and 64% reported difficulty getting work done. High stress, suicidal behaviour, burnout and depression are some of the signs.

Attacks against the agriculture sector have increased dramatically. A 2021 attack on the world’s largest meat processor not only disrupted its operations at multiple facilities, but also had a ripple effect on the meat market and led to an increase in meat prices. The timing of these attacks is what made them so dangerous: ransomware was used during critical planting and harvest seasons to maximize disruption and pressure organizations to pay. Ransomware will be an increasing threat to precision agriculture and will increase hunger and starvation. More than 2 billion people are at risk of food insecurity. Ransomware attacks against the agriculture sector will result in an increase in hunger worldwide and a proportionately greater risk of starvation, with 345 million people already suffering from acute hunger.

Businesses today rely on energy for their survival. Incessant attacks against the energy sector result in major disruption to the supply chain. The 2021 collapse of the US’s largest refined product pipeline following a ransomware attack was a significant blow to the supply chain and resulted in a disruption of life. Millions of Americans were directly affected by the attack. In addition to the fuel shortage, station owners with limited supplies were plagued by frustrated and even physically abusive customers. Their lives were disrupted for many days. Just last month, a ransomware attack impacted the operations of Greece’s largest natural gas transmission operator. Attacks on the energy industry, a critical infrastructure sector, have a direct impact on the millions of people who depend on its products.

Ransomware attacks are a visible cause of social disruptions and economic losses. They also increase poverty. The ransomware attack on Costa Rica caused such severe disruption that the country declared a state of emergency. Ransomware attacks often force organizations into the costly decision of paying to have their data restored. Ransomware victims incur additional costs, including litigation and compensation. Ransomware can cause employment losses as the impacted companies are forced to cut staff because of budgetary effects. Reduced employment means greater public assistance costs, and prolonged unemployment can lead to increased poverty and other negative psychological consequences.

ESG Disclosure about Ransomware

Organizations in the US might soon have to report on ransomware attacks, and ESG disclosures are expected soon. These disclosures would include ransomware as well as other cyber threats. This isn’t just the case in the US: there is a global drive to disclose cybersecurity risks that could impact sustainable investments and business operations. Ransomware disclosure will have a critical impact on investment decisions and organizations’ financial sustainability. Addressing ransomware is not only socially responsible; organizations also stand to gain tremendously by implementing controls that reduce ransomware’s impact and success.

ESG ransomware disclosure should not be the main factor driving cybersecurity governance and protection against ransomware. Ransomware can affect every part of society, including healthcare, energy and transportation. It also has a negative impact on government operations. Ransomware should be classified as an act of terrorism, a national security emergency and a public health problem. If ransomware is not dealt with as a global threat, the risk to health and socio-economic stability could be catastrophic for all of humanity.


About the Author: Funso Richard is an Information Security Officer for a healthcare organization and a GRC thought leader. His writings cover cybersecurity strategies, governance, and business risks.

Editor’s Note: Tripwire, Inc. does not endorse the views expressed in this guest writer article.
