More Security Might Not Cure Ransomware

  /     /     /  
Publicated : 22/11/2024   Category : security


More Security Might Not Cure Ransomware


Ransomware is definitely a security issue, but more security may not be the solution so many are looking for.



Hollywood scriptwriters must have been kicking themselves when cyber thieves came up with the idea of ransomware. It has well and truly captured the imagination, driving genuine fear into the hearts of many business leaders who had hitherto paid little attention to cyber threats in general.
The really clever thing about ransomware is that the crimes are rarely targeted at obvious pools of valuable data such as credit card records and banking information. Ransomware is at its most supremely evil when it strikes at data that you (and possibly only you) find valuable. A little like the act of kidnapping someones pet dog; the market value is irrelevant -- its how much it matters to the owner.
The net effect of this is that the usual cyber targets (banks, other financial institutions, etc.) arent bearing the brunt of this threat. Its at least as likely to be research institutions, healthcare providers, pharmaceuticals, utilities -- any sector where having data held to ransom could be ruinous.
What if the answer isnt more security?
Youve got to hand it to the cybersecurity industry. Theyve made hundreds of billions of pounds over the years, and yet seem no closer to actually stopping cyber attacks than when the first computer viruses were created. Rather than becoming discredited, this apparent failure is its own reward; encouraging customers to consider how much worse things would be if they didnt keep buying security solutions. You need merely whisper ransomware to experience a sales onslaught of weird, wonderful and ultimately expensive ways of protecting yourself -- but with zero guarantee they will work.
This is sheer madness; a snake eating its own tail. Its time to stop thinking of ransomware as a failure of security and start calling it what it really is: a failure of effective data management.
Boring old backup saves the day
The first lesson in data management is to backup regularly. In data-intensive sectors, this can be far easier said than done. Pulling very large data sets into a coherent backup process is often complicated by inefficiencies and data infrastructures that have built up over time. This, in turn, can lead each backup to be a lengthy process -- six to eight hours is not out of the ordinary -- which discourages IT professionals from performing them frequently. As a result, many organizations have a disconnect between how often they would like to perform backups (typically daily) and how often they manage to (weekly, monthly or even quarterly).
This is a recipe for catastrophe should some unforeseen event disrupt your IT systems. One such event could be a ransomware lock-out, leaving you with a backup copy that may be considerably out of date.
Why pay criminals for data that you already have?
Read the news reports about ransomware and youll spot an Achilles Heel in the criminal masterplan. Namely, that if the victim kept an up-to-date copy of its data, there would be no need for them to pay to get it back. Such an event would still constitute a serious security breach, but at least theyd have their precious data.
More and more organizations are waking up to this simple truth by instigating a three-pronged strategy to address the ransomware problem:
Stream 1: Education
Ransomware is an infection that usually requires people to do things they shouldnt. Like any modern threat, ransomware relies on the concept of social engineering and other human factors. The best way to counter this is by involving your people in relevant education programmes. Be sure to include everyone who has access to email, computers and servers in your organisation.
Stream 2: Cybersecurity vigilance
The cybersecurity industry might be behind the curve on ransomware, but that doesnt mean you shouldnt leverage solutions that stop the easiest 95% of known attacks from getting through. Whether you run endpoint antivirus or network-based security (or both), this is a vital layer of defense. Also, ensure that you decommission out-of-support/end-of-life data management software and always run recommended patches and updates.
Stream 3: Get serious about backup to enjoy total data protection
Modern IT backup solutions take frequent, incremental backups every minute or so. Being incremental means you never stress your network out (or your IT staff) by repeating entire backup processes. Should your business encounter ransomware and the inevitable demand for money to unlock your data, you can safely ignore it. Simply roll back your data to the second before the attack struck. This way, you can be assured that your valuable data and systems continue running and the malware cannot be retriggered.
To conduct incremental backups, backup appliances need to be updated to detect and record block-level changes from snapshots, taking individual backups at hundreds of points per day. Some solutions supplement this with the capability to detect ransomware inside a backup, and notify IT staff accordingly. This mitigates the spread of infection.
Taking away the power of ransomwares extortionists feels good, but it requires a combination of effective security measures and a nimble, continuous backup process. Only then can you have a data governance process worthy of the name, and a cast-iron insurance policy against anyone who claims to have kidnapped your data.
Related posts:
New Ransomware Attack Targets Japan
WannaCry Was an Avoidable Mess for NHS
Bad Rabbit Breeds Ransomware Fears

Nick Claxson is managing director of Comtec Enterprises.

Last News

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security

▸ Car Sector Speeds Up In Security. ◂
Discovered: 23/12/2024
Category: security

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
More Security Might Not Cure Ransomware