Businesses are unprepared for future strains of more sophisticated ransomware. Fragile infrastructure, poor network hygiene, and slow detection rates are providing ample time and air cover for adversaries to operate. That’s all according to the Cisco 2016 Midyear Cybersecurity Report (MCR).
So far in 2016, ransomware has become the most profitable malware type in history. Cisco expects to see this trend continue with even more destructive ransomware that can spread by itself and hold entire networks, and therefore companies, hostage. New modular strains of ransomware will be able to quickly switch tactics to maximize efficiency. For example, future ransomware attacks will evade detection by being able to limit CPU usage and refrain from command-and-control actions. These new ransomware strains will spread faster and self-replicate before coordinating ransom activities. All vertical markets and global regions are being targeted. Clubs, charities and non-governmental organisations (NGOs), and electronics businesses have all experienced an increase in attacks in the first half of 2016, the cyber firm says.
Marty Roesch, Vice President and Chief Architect, Security Business Group at Cisco, said: “As organisations capitalise on new business models presented by digital transformation, security is the critical foundation. Attackers are going undetected and expanding their time to operate. To close the attackers’ windows of opportunity, customers will require more visbility into their networks and must improve activities, like patching and retiring ageing infrastructure lacking in advanced security capabilities.”
Comments
Peter Martin, Managing Director at cybersecurity company RelianceACSN, said: It’s unsurprising that Cisco’s report highlights that cyberattacks and ransomware are on the rise. Combined with the news of the O2 customer data breach this week it’s a clear sign that the security industry just isn’t working. Our business community and government need to start working differently to prevent it. The current security systems that many organisations use to hold people’s data, like retailers and banks, just aren’t being deployed and managed in the right way. It’s about using the right technology and process which includes proper alerting and alarming of course but also actively hunting for cybercrime. Until it is we’re always going to be fighting an uphill battle.”
David Kennerley, Director of Threat Research at cybersecurity firm Webroot, said: Ransomware is without a doubt one of the biggest threats facing organisations today. Part of the problem is the rate at which the malware is developing, resulting in thousands of new strands each month. Unfortunately, protecting against ransomware is currently a question of economics. It is often cheaper to pay the ransom to get the data back than the costs of regular back-ups and running the technologies to defend. This is why we have seen companies such as NASCAR team Circle Sport-Leavine Family Racing (CSLFR) paying for data to be recovered. No matter how tempting it might be, companies should never concede to the criminal and pay the ransom. It not only fuels the ransomware economy, as criminals see more and more success, but there is absolutely no guarantee that the data will be returned. We have seen instances of malware claiming to encrypt the data, but instead it has been deleted so paying the ransom still did not result in the data’s return.
“Ransomware is a very real threat and companies need to ensure that firstly, adequate defences are in place, and secondly, valuable data is backed up so systems can be restored if need be.”
David Navin, Corporate Security Specialist at Smoothwall, said: “It’s not surprising to see that ransomware attacks are on the rise. Large companies often don’t allocate enough budget to security without realising the true impact to the business, and instead we’re seeing more and more businesses left vulnerable after acting on this too late. Thanks to where the purse strings lie, a company’s security and IT department need to hit home with its board and CFO, ensuring they are educated to the risks and understand the importance of having strong security measures in place. It is essential to have enterprise grade security solutions in place beginning with firewalls, encryption and good security software. If companies have those measures in place and continue to layer on top of that, then it will reduce the chances of a ransomware attack.”
Alex Guillen, who is the Go To Market Manager at Insight, said: “Cisco’s report highlights just how important it is for businesses to prepare for cyber-attacks. Unfortunately, as attacks are no longer a matter of “if” but “when” and all businesses must prepare for the inevitable. They need to focus not just on preventing the breach, but also on reducing the fallout – particularly as we will continue to see the number of cyber-threats rise.
“There are tools and practices that can be implemented to mitigate the impact of a cyber-attacks with the most effective method being data encryption. On top of this, in today’s age of big data, it is crucial businesses assess just what portion of their data is most valuable and greater security around it. By carrying out a thorough assessment as to what data is uniquely distinct to the organisation, then discovering in what ways this data is at risk and putting in place security measures accordingly, every organisation can feel confident that they have the best defensive measures possible in place and that if sensitive data does end up in the wrong hands, it will be rendered useless.”
Visit www.uk.Insight.com.
