Recent ransomware attacks have been devastating for businesses, causing serious financial losses, eroding reputations and destroying business and customer data. If the battle is to be won, UK businesses need to change the way they deal with ransomware threats.
Continuous threat assessments and evaluation of endpoint securities will go a long way in helping businesses fight ransomware attacks.
A ransomware is an ideal tool for hackers to exploit loopholes in organisations' digital infrastructures for financial gain. Modern ransomware variants are capable of taking control of systems, encrypting useful data and even coordinating traffic flows to ensure that organisations have no other choice but to pay ransom to recover their data.
This strategy has borne fruit over the last couple of years. A Citrix research revealed that as many as one in every three firms had stockpiled digital currency last year to pay ransom money and 35 percent of large firms were inclined to pay more than £50,000 to regain access to important intellectual property or critical data stolen by hackers.
The reason why hackers are so successful is that there are several myths about the threats that ransomware attacks pose that make organisations take wrong approaches towards ensuring their cyber security.
Over-reliance on perimeter security
The most significant myth shared by businesses is that effective perimeter security measures can easily thwart ransomware attacks. This belief has led such organisations to pour investments on solutions like firewalls, IDPS, anti-virus, content filtering and anomaly detection rather than on more effective solutions like end-to-end encryption and two-factor authentication.
Research by digital security firm Gemalto has revealed that 28 percent of organisations have suffered perimeter security breaches in the past 12 months, 92% of all data breached in the past 12 months was not encrypted and in the UK alone, 46% of businesses are only protecting their customers’ data with passwords.
Outdated firewalls and malware detection mechanisms
While a large number of organisations have invested on perimeter security, a deeper look at such measures reveals that many firewalls, malware detection mechanisms, and filters are not regularly updated with the latest patches nor are they in sync with the threats posed by modern ransomware. Not using the best practices are making such organisations severely vulnerable to existing threats.
Belief that paying ransom is the solution
Paying ransom to hackers might make some believe that the hackers will honour their word and not attack an organisation's IT systems again. But on the contrary, such payments embolden hackers and fuel their greed for financial gain. As such, they come back and resort to similar ransomware attacks to extract more money from vulnerable firms and also tip off other hackers in the process.
Paying ransomware as such is not a guaranteed solution and reliance on encryption, two-factor authentication, and the latest endpoint security will turn out to be more fruitful in the long run.
'Cyber Essentials' isn't important
The UK government's ambitious and helpful 'Cyber Essentials' accreditation programme for enterprises aims to help companies strengthen their IT systems, implement the latest cyber security practices and effectively handle and protect customer data. As an added incentive, the government has mandated that those without accreditation will not be able to bid for government contracts.
However, despite the government's championing of the programme, only one in every four businesses have signed up for it. According to a report from the British Chambers of Commerce, while 47% of large firms have signed up so far, only 10% of sole traders and 15% of firms employing one to four employees are now part of the programme.
Considering the large-scale threats that ransomware attacks pose, only an effective security mechanism drafted by including best practices and shared ideas will be able to secure the industry as a whole, instead of piecemeal measures implemented by a few. Discounts offered by the government will also enable smaller firms to maintain tighter cyber security standards without worrying about going out of business.
According to David Matthews, Director for EMEA Security Industry at Unisys, in order to fight ransomware attacks effectively, organisations need to take a number of measures that include keeping sufficient data backup to continue operations in the event of a malware attack, patching software with the latest security updates, using effective security controls, updating antivirus signatures, using leading antivirus services, and adopting micro-segmentation to stop threats spreading across systems.
"This recent [Petya] attack proves that no organisation is immune to cyber-attacks, and further outlines the need for organisations to adopt defence and in-depth policies that allow breach detection and action to take place much quicker, protecting both sensitive data and business reputation,” he added.