Can organisations stem the flow of ransomware attacks by improving their approach to maintaining cybersecurity?
Ransomware towered above threats such as IoT botnets and data breaches as the most prevalent threat of 2017, according to Europol, with the likes of WannaCry having even endangered human life.
This insight was delivered in the Europol 2017 Internet Organised Crime Threat Assessment, which identifies poor digital hygiene, weak security practices and connectivity as accelerants in the success of the ransomware threat.
Data breaches have also been a frontrunner among the top threats of 2017 according to Europol, having caused the exposure of more than two billion records linked to EU citizens within a twelve-month timespan. This threat has also been exacerbated by poor practices.
In addition to this, the report notes the first botnet attacks launched using infected IoT devices, a foreboding sign of what could prove to be a colossal threat vector as new connected devices are pumped into industries and homes across the world.
Julian King, EU Commissioner for the security union, said: “This report shows online crime is the new frontier of law enforcement. We’ve all seen the impact of events like WannaCry: whether attacks are carried out for financial or political reasons, we need to improve our resilience and ensure cybercrime does not pay.”
With unprecedented damage having been caused by cybercrime in 2017, it is clear that the fast-evolving threat landscape has led us into a new era, and we must understand the changes and react effectively.
Simon Edwards, Cyber Security Solution Architect, Trend Micro, said: “Cyber criminals are operating more and more like businesses; they’re increasingly assessing the risk for gaining particular pools of data, evaluating worth against the time spent to obtain it, and are now looking for buyers on the dark web before the attack is even in motion.
“The rise of ransomware attacks is testimony to the level of dexterity hackers today possess – they have a level of detail and process akin to running a global customer service centre! From tagging each infected device and the data obtained, tracking any ransom that has been paid, and decrypting data for recipients (that is, if they choose to do so), a ransomware attack is an incredibly complex operation that hackers don’t enter into lightly,” said Edwards.
Here Edwards makes a crucial observation, encouraging us to think of hackers not as lone, malevolent, skilled opportunists, but rather as organised operations that actually provide a service, commercialising cybercrime.
Ilia Kolochenko, CEO of web security firm High-Tech Bridge, said: “The growing trend of ransomware-as-a-service opens this niche even for those who don’t have many technical skills, aggravating the global epidemic… Many organizations and individuals have abandoned machines they have not updated for years for various reasons, from overt negligence to complicated business processes and compliance. Worse, many large companies and governmental organizations don’t even have a comprehensive and up-to-date inventory of their digital assets.”
Today cybercrime is no longer reserved for those with rare and formidable technical skills, as pre-packaged, easy-to-deploy ransomware attacks are available to buy cheaply. This dramatically complicates the job of tackling the problem at its root, with attacks being launched far and wide.
Steve Malone, director of security product management at Mimecast, said: “Despite the educational efforts of security companies and government so far, it’s clear that organizations need more support and training fast. WannaCry was a wake-up for some but we’re still not seeing these new threats taken seriously enough by others… Only by working together in homes, schools, businesses and the wider community can we begin to build cyber resilience into all the services upon which we rely.”
Only very recently, an Accenture report revealed that 55 per cent of the UK workforce could not remember receiving specific cybersecurity training, while also showing that the cost of cybercrime has risen by 19 per cent in the past year to £6.4 million. These findings support those of Europol, which noted a lack of cybersecurity awareness among organisations.
As a rallying cry of vigilance to organisations facing ransomware attacks, David Kennerley, Director of Threat Research, Webroot, said: “No matter how tempting it might be, if any other option exists, however challenging, companies should never negotiate or concede to criminals and pay the ransom… The danger with paying the ransom is there’s no guarantee they’ll recover the encrypted files, and by paying you are only fuelling the ransomware economy.”