One of the most successful lines of defence when dealing with today's cyber criminals is to understand the mechanics of an attack.
Employees who know what to look out for and can recognise an attack are one of the most effective protections a corporate network has against malware. Recent high-profile security breaches indicate that attacks are becoming increasingly complex and, as a result, harder to combat.
However, while there is no doubt that awareness is a crucial part of an organisation's security strategy, a growing concern is that as users become more aware of traditional cyber attack tactics, such as spam and phishing, many are starting to believe that they know everything they need to about identifying and subsequently avoiding them.
The fact is, new scams are evolving all the time and emerging at a rapid pace, using different methods to blindside their victims and convince them that the attack is genuine. If successful, they can have a hugely damaging impact.
The biggest problem is that cyber criminals are increasingly preying on employees' vulnerabilities, gaining their trust and manipulating them into providing access to confidential corporate data. Communicating with, persuading and tricking individuals within an organisation into taking actions that jeopardise network security is becoming an almost reliable way for attackers to bypass traditional barriers.
Indeed, employee negligence accounts for more than a third (36 per cent) of all data breaches, indicating it is often the employees themselves that are the biggest hole in an organisation's security strategy, as opposed to the inadequacy of the defences in place.
A perfect example of an emerging attack that relies on employee error is ransomware. After falling victim to social engineering tactics or visiting a compromised website, users unwittingly download malware that encrypts their files and locks the computer, essentially holding it hostage until a fee is paid. According to Symantec, this sophisticated attack is growing, with an estimated $5 million expected to be extorted from victims every year.
To see how big a problem this is becoming you only have to look at recent examples. Ransomware is increasingly making its way onto national – and international – headlines, with reports of the Police Central e-Crime Unit (PCeU) arresting three people in Stoke-on-Trent at the end of last year, as well as the Spanish authorities and Europol uncovering a complex ransomware network, arresting 11 people involved.
Fake anti-virus is nothing new, but ransomware goes a step further by opening a dialogue between the PC user and the cyber criminals. While traditional spam and phishing attacks rely on stealthily harvesting confidential data, ransomware cuts right to the chase, creating a one-to-one communication channel with the victim to negotiate a release fee.
With such convincing social engineering tactics, and with employees being granted greater online freedom at work, this will almost certainly become a bigger problem for businesses in the future.
A major problem is that, while the growing risk of a data breach is relatively well known, organisations are all too often unaware of the full financial and reputational costs this type of failed security can bring. Indeed, organisations have underestimated the long-term financial costs and time it takes to recover from a breach by up to a half.
With sophisticated attacks such as ransomware becoming a very real threat, it could be disastrous to underestimate the impact this can have on the network, and in turn spend less time and money defending it. Worryingly, a large number of organisations are not just experiencing one data breach, but often three, four or even more, indicating a very real lack of awareness when it comes to just how much damage these attacks can cause.
If more organisations were aware that the average cost of acquiring a customer rises by £91,985 after a breach, the time and effort placed into educating employees on new and emerging tactics would most likely be increased.
As such, one of the biggest IT security pitfalls for an organisation is the failure to understand the impact of employee ignorance. The fact is, with employees increasingly becoming the target of sophisticated attacks such as ransomware, it would be irresponsible not to continually educate them on evolving attacks.
Yesterday's tactics will not be the same as tomorrow's, therefore teaching the basics sporadically will not only give employees a false sense of security, but it will be pointless when more advanced attacks come their way – a likely possibility given the recent headlines.
The first step is for employees to realise that cyber attacks are not restricted to specific tactics. The internet is too valuable a resource for any organisation to want to restrict its employees' use of it, especially when all that is needed is some common sense and regular education.
Always knowing what to look out for puts the organisation one step ahead of the cyber criminal. However, because employees can often be easily manipulated, a solid endpoint security strategy involving multiple layers of defence is critical. Only by combining education with adequate safety nets will an organisation have peace of mind should one of its employees become the target of a sophisticated attack such as ransomware; after all, if just one workstation is held to ransom, the entire enterprise is at risk.
Thurstan Johnston is an engineer at Faronics