According to Europol’s fifth annual internet organized crime threat assessment, ransomware remained the biggest malware threat out there in 2018. Ransomware lockdowns can potentially result in outages, financial loss and reputational damage, so how can they be fought?
Imagine the scene: you sit down to work, log in and …. are locked out. Ransomware is the nightmare scenario for any business: work grinds to a halt, sales stop, and precious data is encrypted not to mention compromised – and the shadowy figures behind it say that they will delete it unless you cross their palm with cryptocoins.
US-based telco Verizon estimated this year that almost 40% of all successful malware-based attacks involved some form of ransomware – and, worse still, the targets were changing, too, with databases and servers under attack, not just desktop PC’s, meaning business critical applications were at risk.
Europol, the European Union agency for law enforcement cooperation, said that in 2017 ransomware drained over €4.4 billion from the global economy. The Europol report also noted that business in particular is under threat: “As we have seen with other cyber-attacks, as criminals become more adept and the tools more sophisticated yet easier to obtain, fewer attacks are directed towards individual citizens and more towards small businesses and larger targets, where greater potential profits lie”.
Of course every business owner already knows that they must have lines of defense: strong financial controls, strong procedures, and, just as importantly strong, IT Controls – but how do these play out in practice?
“Hackers are definitely becoming more sophisticated in their attacks, which is why more intelligence is required to combat them” said Eilish O’Connor, director of Cloud Solutions at Viatel.
“One of the big advances in this space is machine learning and AI, which we are looking to leverage in our cyber security and threat analytics solution in the Viatel Flexi Cloud.
“With regards to what kinds of businesses are targeted; it happens to any business where technology plays a part in any area of its supply chain. And it’s not just the company that has been targeted that feels the effects. For example, the (Not) Petya attack took down Maersk shipping IT for 10 days, having a knock-on effect on any company that depended on them for importing or exporting goods”.
Reputational damage is very real and, said O’Connor, may not be fully appreciated by everybody. “There are plenty of studies that document different factors which affect reputation after a breach, such as the size of the breach and the nature of it; internal or external. Incidents that are viewed to be caused by a failure of a company’s security systems have a much more detrimental effect on reputation. The speed at which a company reacts will also have an effect on the damage”.
It is very important for all companies to consider the risk to reputation that could be caused by a security breach – the cost of which may not be immediately obvious, from lost business to missed investment. You can’t avoid investing in security, a significant part of which needs to be on back-up and disaster recovery. This is where you see the value of resiliency by taking a proactive approach to limiting the damage to your reputation.
O’Connor said that whether ransomware is the predominant security threat today is a point that can be debated. However, it has become one of the most widely known – and this is significant. By its very nature it evokes a lot of emotion and fear in people. It is this emotional response that drives the ransom payout. The data that is encrypted is mostly of no use or interest to the ransomware attacker. However, it could be of a very sensitive, sentimental or business – critical nature to the person or business affected, O’Connor said that this is where business continuity planning and disaster recovery come into play – and that starts with backups. While it’s very important to do all that you can to prevent it from happening, it’s equally important to have the ability to pick yourself up quickly if it ever does happen.
