Feb. 27, 2023
#47 Protecting SMEs and Startups from Ransomware Attacks, lessons we can learn from enterprise

In this episode, we discuss the growing threat of ransomware attacks and their consequences for small and medium-sized businesses (SMEs) and startups. We share two recent stories of ransomware attacks (The Dole Food Company, and Dish Network) and discuss how SMEs and startups can protect themselves with basic security measures and the help of cybersecurity experts.
https://securityaffairs.com/142726/cyber-crime/dole-food-company-ransomware-attack.html
https://siliconangle.com/2023/02/26/dish-network-services-remain-offline-sunday-following-suspected-cyberattack/
1
00:00:09,700 --> 00:00:12,800
Hello and welcome to a new
episode of the CTO show with
2
00:00:12,800 --> 00:00:15,200
Mamet.
My name is Muhammad, I shared
3
00:00:15,200 --> 00:00:18,300
daily insights about the latest
news and Trends in technology
4
00:00:18,600 --> 00:00:21,100
while exploring their
problem-solving abilities.
5
00:00:21,500 --> 00:00:24,700
I also talked about startups and
entrepreneurs behind their
6
00:00:24,700 --> 00:00:26,700
Innovative products and
services.
7
00:00:28,000 --> 00:00:31,600
Today I'm going to talk about
the growing threat of ransomware
8
00:00:31,600 --> 00:00:36,500
attacks and how small and
medium-sized businesses smbs and
9
00:00:36,500 --> 00:00:40,800
startups can protect themselves.
I will be sharing to recent
10
00:00:40,800 --> 00:00:44,100
stories of ransomware attacks
that happened over the weekend
11
00:00:44,500 --> 00:00:49,900
and what are the consequences of
these attacks for small medium
12
00:00:49,900 --> 00:00:56,100
businesses and startups as well?
What can be done to prevent and
13
00:00:56,100 --> 00:00:59,300
reduce the risks of Of such
incidents.
14
00:01:00,800 --> 00:01:06,500
First, the Dole food company was
hit by ransomware attack at the
15
00:01:06,500 --> 00:01:11,600
end of last week, the Dole food
company, which is a major Global
16
00:01:11,800 --> 00:01:16,800
producer for vegetables and
fruits, they fell victim to the
17
00:01:16,800 --> 00:01:21,400
attack and it resulted in a
theft of sensitive data.
18
00:01:23,000 --> 00:01:27,800
That tackers demanded a large
sum of money in exchange for the
19
00:01:27,800 --> 00:01:31,800
safe return of the data and
despite dolls effort to
20
00:01:31,800 --> 00:01:34,500
negotiate and mitigate the
impact of that tag.
21
00:01:34,800 --> 00:01:38,300
It's still unclear, whether the
data has been safely returned
22
00:01:38,800 --> 00:01:41,800
leaving Dole and its customers
at risk.
23
00:01:43,300 --> 00:01:45,400
Before I tell you about the
Second Story.
24
00:01:46,000 --> 00:01:52,100
One side note here is that such
a company for sure, they deal
25
00:01:52,100 --> 00:01:56,600
with a lot of contractors.
They have a lot of supply chain.
26
00:01:57,400 --> 00:02:02,100
So although they might have been
using the proper technology.
27
00:02:03,500 --> 00:02:08,699
The supply chain played in my
opinion, a big role in having
28
00:02:08,699 --> 00:02:12,600
this attack because such a huge
company that distribute
29
00:02:13,100 --> 00:02:19,400
worldwide, I'm sure they have
taken all the required
30
00:02:19,400 --> 00:02:22,800
measurements.
But of course the coming days
31
00:02:22,800 --> 00:02:26,300
will show us what the
investigation results will be.
32
00:02:27,100 --> 00:02:31,100
The second story was from Dish
Network Services, who went
33
00:02:31,100 --> 00:02:36,500
offline following a Sabra Back
in another recent incident, the
34
00:02:36,500 --> 00:02:41,000
dish network is a major u.s.
satellite TV provider suffered.
35
00:02:41,000 --> 00:02:44,500
A suspected Cyber attack that
caused many of its services to
36
00:02:44,500 --> 00:02:48,300
go offline including their
website and their mobile apps.
37
00:02:49,300 --> 00:02:52,300
While the full extent of this
attack is still being
38
00:02:52,300 --> 00:02:56,800
investigated the incident,
underscore the potential for
39
00:02:56,800 --> 00:03:00,200
cyber attacks to disrupt
critical infrastructure and
40
00:03:00,200 --> 00:03:06,400
caused widespread disruption.
Why I shared these two stories.
41
00:03:06,400 --> 00:03:09,400
So both companies are very
well-known.
42
00:03:09,400 --> 00:03:16,400
They are big companies and I
wanted to relate this to small
43
00:03:16,400 --> 00:03:23,400
medium businesses and startups.
Consequences can be really
44
00:03:24,000 --> 00:03:28,600
unexpected because these stories
illustrate, the serious and
45
00:03:28,600 --> 00:03:32,800
growing threat, that ransomware
attack, and other cyber attacks,
46
00:03:32,800 --> 00:03:38,600
can pause to businesses at all
sizes and at all types but smes
47
00:03:38,600 --> 00:03:43,800
and startups are often seen as
easy targets by attackers who
48
00:03:43,800 --> 00:03:46,900
know they are less likely to
have robust cyber security
49
00:03:46,900 --> 00:03:50,900
measures in place.
And the consequences can be
50
00:03:50,900 --> 00:03:54,100
severe.
What can be these consequences
51
00:03:54,100 --> 00:03:58,400
Financial loss due to the
payment of the ransom, lost
52
00:03:58,400 --> 00:04:02,700
Revenue disrupted operations,
reputational damage, as
53
00:04:02,700 --> 00:04:06,700
customers will lose trust and
seek other vendors legal and
54
00:04:06,700 --> 00:04:09,900
Regulatory fines for failing to
protect sensitive data or comply
55
00:04:09,900 --> 00:04:13,000
with cyber security regulations
and employees.
56
00:04:13,000 --> 00:04:15,900
Morale and productivity issues
as they deal with the Fallout of
57
00:04:15,900 --> 00:04:18,399
a cyberattack.
Even more.
58
00:04:18,399 --> 00:04:22,500
And I have seen two ones, the
business can go bankrupt.
59
00:04:22,700 --> 00:04:26,200
Corrupt because they would lose
all their customer data.
60
00:04:26,200 --> 00:04:29,400
They would lose all their
systems and they cannot come
61
00:04:29,400 --> 00:04:32,700
back.
So protecting smes and startups
62
00:04:32,700 --> 00:04:36,500
from ransomware attacks can be
done.
63
00:04:38,000 --> 00:04:40,100
In a different approach I would
say.
64
00:04:40,100 --> 00:04:43,500
So well, approaches to implement
a multi-layer defense system
65
00:04:43,500 --> 00:04:48,400
that include basic security
measures like strong passwords
66
00:04:48,700 --> 00:04:52,700
multi-factor authentication,
regular software, updates, and
67
00:04:52,700 --> 00:04:57,400
employee training.
It's also important to have some
68
00:04:57,900 --> 00:05:00,900
business, continuity, plans and
Disaster Recovery plans in
69
00:05:00,900 --> 00:05:04,500
place, so that critical data can
be restored in the event of an
70
00:05:04,500 --> 00:05:09,100
attack.
However, many of these smes and
71
00:05:09,100 --> 00:05:12,200
startups may not have the
expertise or resources to
72
00:05:12,200 --> 00:05:15,200
implement and maintain such a
defensive system.
73
00:05:16,400 --> 00:05:19,700
This is where consultative
approach can help.
74
00:05:20,700 --> 00:05:24,500
So working with cyber Security,
Experts and business continuity
75
00:05:24,500 --> 00:05:28,800
experts can help smes and
startups to develop a customized
76
00:05:28,800 --> 00:05:33,300
defense plan that meets their
specific needs and budgets this
77
00:05:33,300 --> 00:05:37,100
can include risk, assessments
employee training and
78
00:05:37,100 --> 00:05:41,300
implementation of affordable,
security tools, like firewalls
79
00:05:41,300 --> 00:05:47,400
edrs and so on.
In conclusion, I think this
80
00:05:47,400 --> 00:05:52,700
topic should be more in lighted
because we're living in a world
81
00:05:52,700 --> 00:05:56,100
where every day, every 11
seconds to be more precise.
82
00:05:56,500 --> 00:06:00,300
There is a Cyber attack a
ransomware attack and that's
83
00:06:00,300 --> 00:06:05,100
more important than any time
before to stand by these smes
84
00:06:05,100 --> 00:06:13,600
and startups because they are
trying to get their hands on go.
85
00:06:13,800 --> 00:06:18,200
The business they want to stand
and help the economy.
86
00:06:18,400 --> 00:06:22,400
So it's very important to take
care of this segment of the
87
00:06:22,400 --> 00:06:27,200
market.
I hope you find today's episode
88
00:06:27,200 --> 00:06:32,700
helpful and it helps to raise
the awareness about the growing
89
00:06:32,700 --> 00:06:38,000
threat of ransomware and
different cyberattacks types and
90
00:06:38,000 --> 00:06:43,300
specially how we can protect
smes and startups any special.
91
00:06:44,100 --> 00:06:48,400
Tough economic situations like
the ones we are in.
92
00:06:49,400 --> 00:06:54,700
So as usual, I hope you enjoyed
this episode, I'm always looking
93
00:06:54,700 --> 00:06:58,600
forward to have your feedback.
If you want to ask any question,
94
00:06:58,600 --> 00:07:03,300
you want to have any opinion, I
would be more than happy to
95
00:07:03,300 --> 00:07:07,400
discuss that you can reach me by
email on LinkedIn or Twitter.
96
00:07:07,400 --> 00:07:12,900
And by the way, if you want to
be, also a guest on my podcast,
97
00:07:12,900 --> 00:07:17,700
I would be more than happy to
discuss cybersecurity topics and
98
00:07:17,700 --> 00:07:19,200
other topics that I usually
describe.
99
00:07:19,400 --> 00:07:23,300
Gus, whether it's a, I know code
entrepreneurship.
100
00:07:23,600 --> 00:07:26,900
So I would be looking forward to
hear from you.
101
00:07:27,300 --> 00:07:30,700
Thank you very much for joining
this episode today and until we
102
00:07:30,700 --> 00:07:32,400
meet next time.
Bye bye.
00:00:09,700 --> 00:00:12,800
Hello and welcome to a new
episode of the CTO show with
2
00:00:12,800 --> 00:00:15,200
Mamet.
My name is Muhammad, I shared
3
00:00:15,200 --> 00:00:18,300
daily insights about the latest
news and Trends in technology
4
00:00:18,600 --> 00:00:21,100
while exploring their
problem-solving abilities.
5
00:00:21,500 --> 00:00:24,700
I also talked about startups and
entrepreneurs behind their
6
00:00:24,700 --> 00:00:26,700
Innovative products and
services.
7
00:00:28,000 --> 00:00:31,600
Today I'm going to talk about
the growing threat of ransomware
8
00:00:31,600 --> 00:00:36,500
attacks and how small and
medium-sized businesses smbs and
9
00:00:36,500 --> 00:00:40,800
startups can protect themselves.
I will be sharing to recent
10
00:00:40,800 --> 00:00:44,100
stories of ransomware attacks
that happened over the weekend
11
00:00:44,500 --> 00:00:49,900
and what are the consequences of
these attacks for small medium
12
00:00:49,900 --> 00:00:56,100
businesses and startups as well?
What can be done to prevent and
13
00:00:56,100 --> 00:00:59,300
reduce the risks of Of such
incidents.
14
00:01:00,800 --> 00:01:06,500
First, the Dole food company was
hit by ransomware attack at the
15
00:01:06,500 --> 00:01:11,600
end of last week, the Dole food
company, which is a major Global
16
00:01:11,800 --> 00:01:16,800
producer for vegetables and
fruits, they fell victim to the
17
00:01:16,800 --> 00:01:21,400
attack and it resulted in a
theft of sensitive data.
18
00:01:23,000 --> 00:01:27,800
That tackers demanded a large
sum of money in exchange for the
19
00:01:27,800 --> 00:01:31,800
safe return of the data and
despite dolls effort to
20
00:01:31,800 --> 00:01:34,500
negotiate and mitigate the
impact of that tag.
21
00:01:34,800 --> 00:01:38,300
It's still unclear, whether the
data has been safely returned
22
00:01:38,800 --> 00:01:41,800
leaving Dole and its customers
at risk.
23
00:01:43,300 --> 00:01:45,400
Before I tell you about the
Second Story.
24
00:01:46,000 --> 00:01:52,100
One side note here is that such
a company for sure, they deal
25
00:01:52,100 --> 00:01:56,600
with a lot of contractors.
They have a lot of supply chain.
26
00:01:57,400 --> 00:02:02,100
So although they might have been
using the proper technology.
27
00:02:03,500 --> 00:02:08,699
The supply chain played in my
opinion, a big role in having
28
00:02:08,699 --> 00:02:12,600
this attack because such a huge
company that distribute
29
00:02:13,100 --> 00:02:19,400
worldwide, I'm sure they have
taken all the required
30
00:02:19,400 --> 00:02:22,800
measurements.
But of course the coming days
31
00:02:22,800 --> 00:02:26,300
will show us what the
investigation results will be.
32
00:02:27,100 --> 00:02:31,100
The second story was from Dish
Network Services, who went
33
00:02:31,100 --> 00:02:36,500
offline following a Sabra Back
in another recent incident, the
34
00:02:36,500 --> 00:02:41,000
dish network is a major u.s.
satellite TV provider suffered.
35
00:02:41,000 --> 00:02:44,500
A suspected Cyber attack that
caused many of its services to
36
00:02:44,500 --> 00:02:48,300
go offline including their
website and their mobile apps.
37
00:02:49,300 --> 00:02:52,300
While the full extent of this
attack is still being
38
00:02:52,300 --> 00:02:56,800
investigated the incident,
underscore the potential for
39
00:02:56,800 --> 00:03:00,200
cyber attacks to disrupt
critical infrastructure and
40
00:03:00,200 --> 00:03:06,400
caused widespread disruption.
Why I shared these two stories.
41
00:03:06,400 --> 00:03:09,400
So both companies are very
well-known.
42
00:03:09,400 --> 00:03:16,400
They are big companies and I
wanted to relate this to small
43
00:03:16,400 --> 00:03:23,400
medium businesses and startups.
Consequences can be really
44
00:03:24,000 --> 00:03:28,600
unexpected because these stories
illustrate, the serious and
45
00:03:28,600 --> 00:03:32,800
growing threat, that ransomware
attack, and other cyber attacks,
46
00:03:32,800 --> 00:03:38,600
can pause to businesses at all
sizes and at all types but smes
47
00:03:38,600 --> 00:03:43,800
and startups are often seen as
easy targets by attackers who
48
00:03:43,800 --> 00:03:46,900
know they are less likely to
have robust cyber security
49
00:03:46,900 --> 00:03:50,900
measures in place.
And the consequences can be
50
00:03:50,900 --> 00:03:54,100
severe.
What can be these consequences
51
00:03:54,100 --> 00:03:58,400
Financial loss due to the
payment of the ransom, lost
52
00:03:58,400 --> 00:04:02,700
Revenue disrupted operations,
reputational damage, as
53
00:04:02,700 --> 00:04:06,700
customers will lose trust and
seek other vendors legal and
54
00:04:06,700 --> 00:04:09,900
Regulatory fines for failing to
protect sensitive data or comply
55
00:04:09,900 --> 00:04:13,000
with cyber security regulations
and employees.
56
00:04:13,000 --> 00:04:15,900
Morale and productivity issues
as they deal with the Fallout of
57
00:04:15,900 --> 00:04:18,399
a cyberattack.
Even more.
58
00:04:18,399 --> 00:04:22,500
And I have seen two ones, the
business can go bankrupt.
59
00:04:22,700 --> 00:04:26,200
Corrupt because they would lose
all their customer data.
60
00:04:26,200 --> 00:04:29,400
They would lose all their
systems and they cannot come
61
00:04:29,400 --> 00:04:32,700
back.
So protecting smes and startups
62
00:04:32,700 --> 00:04:36,500
from ransomware attacks can be
done.
63
00:04:38,000 --> 00:04:40,100
In a different approach I would
say.
64
00:04:40,100 --> 00:04:43,500
So well, approaches to implement
a multi-layer defense system
65
00:04:43,500 --> 00:04:48,400
that include basic security
measures like strong passwords
66
00:04:48,700 --> 00:04:52,700
multi-factor authentication,
regular software, updates, and
67
00:04:52,700 --> 00:04:57,400
employee training.
It's also important to have some
68
00:04:57,900 --> 00:05:00,900
business, continuity, plans and
Disaster Recovery plans in
69
00:05:00,900 --> 00:05:04,500
place, so that critical data can
be restored in the event of an
70
00:05:04,500 --> 00:05:09,100
attack.
However, many of these smes and
71
00:05:09,100 --> 00:05:12,200
startups may not have the
expertise or resources to
72
00:05:12,200 --> 00:05:15,200
implement and maintain such a
defensive system.
73
00:05:16,400 --> 00:05:19,700
This is where consultative
approach can help.
74
00:05:20,700 --> 00:05:24,500
So working with cyber Security,
Experts and business continuity
75
00:05:24,500 --> 00:05:28,800
experts can help smes and
startups to develop a customized
76
00:05:28,800 --> 00:05:33,300
defense plan that meets their
specific needs and budgets this
77
00:05:33,300 --> 00:05:37,100
can include risk, assessments
employee training and
78
00:05:37,100 --> 00:05:41,300
implementation of affordable,
security tools, like firewalls
79
00:05:41,300 --> 00:05:47,400
edrs and so on.
In conclusion, I think this
80
00:05:47,400 --> 00:05:52,700
topic should be more in lighted
because we're living in a world
81
00:05:52,700 --> 00:05:56,100
where every day, every 11
seconds to be more precise.
82
00:05:56,500 --> 00:06:00,300
There is a Cyber attack a
ransomware attack and that's
83
00:06:00,300 --> 00:06:05,100
more important than any time
before to stand by these smes
84
00:06:05,100 --> 00:06:13,600
and startups because they are
trying to get their hands on go.
85
00:06:13,800 --> 00:06:18,200
The business they want to stand
and help the economy.
86
00:06:18,400 --> 00:06:22,400
So it's very important to take
care of this segment of the
87
00:06:22,400 --> 00:06:27,200
market.
I hope you find today's episode
88
00:06:27,200 --> 00:06:32,700
helpful and it helps to raise
the awareness about the growing
89
00:06:32,700 --> 00:06:38,000
threat of ransomware and
different cyberattacks types and
90
00:06:38,000 --> 00:06:43,300
specially how we can protect
smes and startups any special.
91
00:06:44,100 --> 00:06:48,400
Tough economic situations like
the ones we are in.
92
00:06:49,400 --> 00:06:54,700
So as usual, I hope you enjoyed
this episode, I'm always looking
93
00:06:54,700 --> 00:06:58,600
forward to have your feedback.
If you want to ask any question,
94
00:06:58,600 --> 00:07:03,300
you want to have any opinion, I
would be more than happy to
95
00:07:03,300 --> 00:07:07,400
discuss that you can reach me by
email on LinkedIn or Twitter.
96
00:07:07,400 --> 00:07:12,900
And by the way, if you want to
be, also a guest on my podcast,
97
00:07:12,900 --> 00:07:17,700
I would be more than happy to
discuss cybersecurity topics and
98
00:07:17,700 --> 00:07:19,200
other topics that I usually
describe.
99
00:07:19,400 --> 00:07:23,300
Gus, whether it's a, I know code
entrepreneurship.
100
00:07:23,600 --> 00:07:26,900
So I would be looking forward to
hear from you.
101
00:07:27,300 --> 00:07:30,700
Thank you very much for joining
this episode today and until we
102
00:07:30,700 --> 00:07:32,400
meet next time.
Bye bye.











































