Cannabis Companies Considered Ripe Targets for Ransomware Attacks
2:45

In the News: Cannabis Companies Considered Ripe Targets for Ransomware Attacks

 

urban-gro's Vice President of Technology, Ryan Ninness, was interviewed by MJBizDaily on how cannabis companies can protect themselves from the onslaught of ransomware. 

Even as ransomware attacks on high-profile mainstream companies such as Colonial Pipeline and JBS Foods have grabbed headlines in recent months, cannabis companies appear largely unprotected from malicious actors launching such schemes.

That could prove costly to any marijuana companies that fall victim to the crime, which forces targeted businesses to pay a ransom to regain access to data and files that have been stolen and then locked or encrypted.

With the onset of the coronavirus pandemic and the resulting remote workforce, ransom attacks last year were up 150% over 2019 and the amount victims of the attacks paid rose more than 300%, according to the Harvard Business Review.

Efforts to detect and report ransomware payments are critical to preventing and deterring ransomware attacks and holding the attackers accountable for their crimes, according to the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN).

“As the past few months have demonstrated, the surge in ransomware attacks threatens our critical infrastructure, municipalities and the most vulnerable among us and is increasingly impacting the lives of the American people,” Michael Mosier, FinCEN’s acting director, said in a July news release.

But most cannabis companies haven’t taken steps to defend themselves against ransomware attacks, according to an informal MJBizDaily survey conducted in July.

Of the 41 people responding to the poll, 59% said their marijuana companies had not taken steps to prevent attacks, while 41% said the businesses had.

Ransomware is a nefarious hack that takes control of a company’s files and data and locks them.

The attackers gain access through a phishing email that deploys malware when an unsuspecting employee clicks on a link. Attackers typically want to be paid in cryptocurrency to allow the targeted company to retrieve the stolen data and files.

Cannabis companies are vulnerable for different reasons:

  • The perception exists that marijuana businesses are flush with money and can easily afford to pay to retrieve their data.
  • They typically don’t have strong information technology departments.
“You have to think about how cryptolockers and ransomware works to understand how vulnerable you are,” said Ryan Ninness, vice president of technology at Urban-Gro, a cannabis cultivation facility design and engineering firm based in Lafayette, Colorado.

Read the full interview at MJBiz Daily.



BLOG

FEATURED PROJECTS

Let urban-gro build your path forward

projects

Retirement System of Alabama

The Retirement System of Alabama (RSA) Judicial Building is located just west of the State Capitol....
projects

St. Francis Hospital Renovation

Since 2002, our architecture team has completed over fifty projects for St. Francis Hospital. Our...
projects

Three Chances

An infill project, 15 11th Street is a three-story structure with retail on the street level and...

Engineering - Card BG
GET IN TOUCH

Ready to Start Your Project?

Experience a simplified turnkey design process from concept to projection completion when speed to market matters.

Reach Out