K2E Canada Inc

Blackbaud Ransomware Attack Reiterates the Need for Strong Cybersecurity Controls

9/7/2020

 
Software publisher Blackbaud recently reported that the firm was a target of a ransomware attack. The attack, which occurred in May, affected numerous universities, alumni organizations, and other organizations that use the company’s administration, fundraising, and financial management software. Although the hack occurred in May, Blackbaud did not report the incident until July. In this article, you will learn more about the attack and what you can do to avoid becoming yet another victim of ransomware.

Statement from Blackbaud

The company posted the following statement on its website.

“In May of 2020, we discovered and stopped a ransomware attack. In a ransomware attack, cybercriminals attempt to disrupt the business by locking companies out of their own data and servers. After discovering the attack, our Cyber Security team—together with independent forensics experts and law enforcement—successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system. 

Prior to our locking the cybercriminal out, the cybercriminal removed a copy of a subset of data from our self-hosted environment. The cybercriminal did not access credit card information, bank account information, or social security numbers. Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly. 

This incident did not involve solutions in our public cloud environment (Microsoft Azure, Amazon Web Services), nor did it involve the majority of our self-hosted environment. The subset of customers who were part of this incident have been notified and supplied with additional information and resources. We apologize that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.”

Blackbaud Paid the Ransom

Of note, Blackbaud disclosed in their statement that the company paid the ransom, although the amount is not available. The company’s payment stands in contrast to recommendations from most governments and cybersecurity organizations.

According to a published report at www.thenonprofittimes.com, Blackbaud paid the ransom using Bitcoin. However, the company did not make the payment until it was able to confirm that the hackers destroyed all data compromised in the attack. Further, the company indicated that the hackers did not compromise data such as credit card numbers, bank account information, and Social Security numbers.

Ransomware Remains a Significant Threat

According to Statista.com, ransomware remains a significant threat. In 2019 alone, 188 million attacks occurred worldwide. Further, SafeAtLast.co reports that ransomware accounts for 56% of all malware attacks. Additionally, the average cost of a successful attack against a business is $133,000.

Identifying a Ransomware Risk

To minimize the risk of ransomware attacks, first understand the nine primary ways that it enters an organization, as detailed below.

  1. Unsolicited links and attachments in email messages.
  2. Malicious links in social media posts.
  3. Drive-by websites.
  4. Open and unsecured RDP/RDS ports in Windows.
  5. “Collateral damage” resulting from attacks on managed service providers.
  6. Attacks that spread through an organization, known as “lateral attacks.”
  7. Free and pirated software infected with ransomware.
  8. Ransomware installed on USB drives.
  9. Websites that serve “malvertising” dialog boxes.

Five Ways to Minimize Ransomware Risk

Understanding where the risks lie makes crafting a practical approach to combating ransomware a reasonable possibility. For most organizations, that approach should include at least the following five points.

  1. Train team members about the dangers of clicking on links and attachments in email messages and social media messages. Current estimates indicate that approximately 30% of email users click on unsolicited links and files, so repeated efforts in this area are necessary.
  2. Educate team members on the risks associated with visiting specific types of sites on the Internet and consider implementing policies that indicate the kinds of websites they should not visit using company-owned assets and internet connections.
  3. Enable the Windows Controlled Folder Access feature, a tool designed specifically to block ransomware attacks.
  4. Choose your anti-malware software carefully and ensure that it updates contemporaneously.
  5. Assume your company will become a victim and incorporate recovery strategies into your Business Continuity/Disaster Recovery plans. As part of this strategy, routinely test your backups to ensure that they include all data and that you can restore this information when the need arises. Additionally, consider creating Restore Points of each team member’s computer to speed the process of recovery in the case of an attack.
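
The backup test in point 5 can be automated. The following is an added example, not part of the original article: it hashes every file in the live data and in a test restore, then reports what the restore is missing or has altered. The function names and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_tree(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    digests = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            h = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def verify_restore(source, restored):
    """Compare a test restore against the data it is supposed to contain."""
    src, dst = hash_tree(source), hash_tree(restored)
    return {
        "missing": sorted(set(src) - set(dst)),  # not backed up or not restored
        "changed": sorted(p for p in src.keys() & dst.keys() if src[p] != dst[p]),
        "extra": sorted(set(dst) - set(src)),    # deleted or renamed since backup
    }


def restore_ok(report):
    """The restore test passes only if nothing is missing or altered."""
    return not report["missing"] and not report["changed"]


def build_sample(base):
    """Constructed sample: a 'live' share and an incomplete restore of it."""
    live, restored = Path(base, "live"), Path(base, "restored")
    for d in (live, restored):
        (d / "ledgers").mkdir(parents=True)
    (live / "ledgers" / "2020.csv").write_text("acct,amount\n1000,25.00\n")
    (live / "donors.db").write_bytes(b"\x00donor-records")
    (live / "policy.txt").write_text("retention: 7 years\n")
    (restored / "ledgers" / "2020.csv").write_text("acct,amount\n1000,25.00\n")
    (restored / "donors.db").write_bytes(b"\x00donor-recordz")  # corrupted copy
    return live, restored


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        report = verify_restore(*build_sample(tmp))
        print(report, "PASS" if restore_ok(report) else "FAIL")
```

Files edited after the backup ran also appear under "changed", so run the comparison against a snapshot taken at backup time, or review that list by hand.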

Summary

Ransomware remains a genuine threat to businesses of all sizes. It affects everyone from large software companies such as Blackbaud to small “mom-and-pop” operations. When ransomware strikes a business, the costs are high. Further, the damage to the victim organization’s reputation lasts for years. Yet, if we understand how ransomware creeps into companies, we can create an effective strategy for reducing our risk of becoming yet another victim.

Tommy Stephens

