Ransomware Attacks Are Increasing Due To Low-Cost Tools And Vulnerable Targets, With High Chances Of Profits And Minimal Risk.
- Ransomware attacks are on the rise thanks to wide availability of low-cost tools to non-programmers; ransomware is relatively low risk with high reward potential.
- Organizations are only as secure as their partners and suppliers. Yet many organizations are unaware of just how secure those partners and suppliers actually are.
- To reduce the risk of ransomware, organizations must promote a culture of cyber awareness coupled with ransomware detection software tools on all their systems.
Ransomware attacks — where attackers demand payment in the form of cryptocurrencies to unlock corporate systems they encrypted or to not publicize private data — are up 93%, according to a new Economist Impact report sponsored by Mimecast, Signals and Noise: The New Normal in Cybersecurity. Why? Encryption tools usable by non-programmers are readily available as SaaS (Software as a Service) from vendors that take a share of each ransom collected. In addition, potential targets are highly vulnerable, especially supply chains, and especially during the pandemic, when the distractions of working from home create even more attack opportunities.
As Ciaran Martin, Professor of Practice in the Management of Public Organizations at Oxford University, notes in the report, “Ransomware isn’t proliferating because of weaker cyber-security, but has exploded because of a growing realization amongst criminals about just how profitable and easy it is.”
It’s easy not just in terms of launching a ransomware attack, but in the vulnerabilities of the targets. This includes weak links in an organization’s supply chain as well as the lack of cybersecurity awareness of people in the organization.
Supply Chain Vulnerabilities
Organizations are only as secure as their partners and suppliers. Yet many organizations are unaware of just how secure those partners and suppliers actually are.
Consider Apple, for example. It sources components from more than 40 countries across six continents to make the iPhone. If just one source is breached, it can have a domino effect across an organization. A July 2021 report from the European Union Agency for Cybersecurity (ENISA) indicates that 62% of attacks exploit the trust of customers in their supplier; in 66% of supply chain attacks, suppliers did not know or failed to report that they were compromised.
A further vulnerability is the collaboration software companies increasingly rely on, which is now a normal way to do business. Growth of collaboration tools such as Microsoft Teams presents a “one key to unlock, multiple door entry” scenario. Case in point is the HAFNIUM attack on Microsoft Exchange servers, which compromised hundreds of thousands of organizations worldwide. Even after Microsoft issued a security patch, cybercriminals kept scanning for unpatched Exchange servers and infecting them as they found them.
The Weakest Link
But the weakest link in cybersecurity isn’t just partners, suppliers or software. It’s people. Work-from-home models due to the COVID-19 pandemic have increased the risk of ransomware attack. Deloitte reports an upsurge of malware attacks of up to 35% during the pandemic.
Working from home has its own set of unique challenges, such as a greater likelihood of co-mingling personal and work activities online. Even though the work device should be connected by VPN to the office, multiple non-work devices — phones, personal computers, game consoles — are connected to the same Wi-Fi network. Perhaps the biggest issue is distraction, compounded by the social isolation created by the pandemic.
As Jenny Radcliffe, founder and director of Human Factor Security, points out in the Economist Impact report, “When people are subject to huge imposed change, there are major psychological implications. The main reason people give for doing things like clicking on phishing emails or bad links, or opening attachments, or when they fall for scams and cons of any kind — the main reason they give is distraction. From a work at home environment, many people find it a lot more distracting, and that makes them more vulnerable to an attack. Attackers know that.”
How to Protect Against Ransomware
So given the rise in ransomware attacks, how do organizations work to reduce the likelihood of becoming the next victim?
It begins with educating employees and vendors to avoid unnecessary risk, such as connecting devices to unsecured networks and over-sharing personal information on social media. Cybersecurity and cyber awareness are no longer the domain of the IT department; they are the responsibility of everyone in the organization, everyone that partners with the organization, and everyone in the organization’s supply chain.
Education of users, however, is just one puzzle piece. Another is an assessment of the security culture and potential security risks of the organization and its partners, including what vendors have access to what networks.
One more piece is a cyber resilience strategy that implements best practices to reduce risk. An example is the so-called zero trust model, in which no user, device or activity is trusted by the network by default; each request must be verified by an explicit authentication and authorization check before access is granted.
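To make the zero trust idea above concrete, here is an added example (not code from the report, Mimecast, or any product it names) of a default-deny access decision. The device inventory, roles and resource policy are constructed sample data; every request is denied unless identity (with MFA), device posture and role-based authorization all check out, and the network location the request arrives from is deliberately never consulted.

```python
"""Default-deny access decision in the zero trust style.

Every request is evaluated on its own from explicit signals: who the user
is and whether they passed MFA, whether the device is managed and
compliant, and whether the user's role is allowed on the resource.
Network location is carried on the request but never used as a signal.
All inventory, role and policy data below is constructed for illustration.
"""
from dataclasses import dataclass, field

# Constructed device inventory: device id -> posture record (hypothetical).
MANAGED_DEVICES = {
    "lap-0042": {"owner": "alice", "disk_encrypted": True, "edr_healthy": True},
    "lap-0077": {"owner": "bob", "disk_encrypted": True, "edr_healthy": False},
}

# Constructed policy: resource -> action -> roles permitted to perform it.
RESOURCE_POLICY = {
    "hr-payroll": {"read": {"hr"}, "write": {"hr-admin"}},
    "wiki": {"read": {"staff", "hr", "hr-admin"}, "write": {"staff"}},
}

# Constructed role assignments.
USER_ROLES = {"alice": {"hr"}, "bob": {"staff"}}


@dataclass
class AccessRequest:
    user: str
    mfa_verified: bool
    device_id: str
    resource: str
    action: str
    on_corporate_network: bool = False  # present on purpose, never consulted


@dataclass
class Decision:
    allowed: bool
    reasons: list = field(default_factory=list)  # why the request was denied


def evaluate(req: AccessRequest) -> Decision:
    """Return a Decision; the request is denied unless every check passes."""
    reasons = []

    # 1. Identity: the session must carry a verified MFA step.
    if not req.mfa_verified:
        reasons.append("identity not verified with MFA")

    # 2. Device: must be a known, correctly enrolled, compliant device.
    device = MANAGED_DEVICES.get(req.device_id)
    if device is None:
        reasons.append("device not in managed inventory")
    else:
        if device["owner"] != req.user:
            reasons.append("device not enrolled to this user")
        if not (device["disk_encrypted"] and device["edr_healthy"]):
            reasons.append("device posture non-compliant")

    # 3. Authorization: the user's roles must permit this action on this resource.
    allowed_roles = RESOURCE_POLICY.get(req.resource, {}).get(req.action, set())
    if not (USER_ROLES.get(req.user, set()) & allowed_roles):
        reasons.append(f"role not permitted to {req.action} {req.resource}")

    return Decision(allowed=not reasons, reasons=reasons)


if __name__ == "__main__":
    ok = evaluate(AccessRequest("alice", True, "lap-0042", "hr-payroll", "read"))
    print("alice/hr-payroll:", ok)
    bad = evaluate(AccessRequest("alice", False, "lap-0042", "hr-payroll", "read",
                                 on_corporate_network=True))
    print("alice without MFA, on the LAN:", bad)
```

Note that the second sample request comes from the corporate network and is still denied: in this model the network is just a transport, and being inside it earns no trust.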
Finally, the key to completing the puzzle is the integration of security software into all organizational systems. Effective ransomware protection requires both ransomware detection technology and a robust backup and archiving solution to ensure business continuity in the event of an attack. For organizations seeking superior ransomware protection, these services can be critical.
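The paragraph above asks for ransomware detection technology without saying what such a detector looks for. As an added example, not code from the report or from any vendor it names, the following heuristic runs over constructed file-system audit events and flags a process that, inside a short sliding window, rewrites many distinct files and renames most of them to a single new extension, the trace a bulk encryptor typically leaves behind. The event format, thresholds and process names are all assumptions made for the example.

```python
"""Heuristic ransomware-activity detector over file-system audit events.

Events are constructed tuples of (timestamp_seconds, process, action, path).
For "rename" events the path field is "source|destination". A process is
flagged when, within a sliding time window, it touches at least MIN_FILES
distinct files and at least MIN_EXT_SHARE of its renames land on one new
extension. Thresholds and sample data are illustrative, not from any product.
"""
from collections import defaultdict, deque
import os

WINDOW_SECONDS = 10      # sliding window per process
MIN_FILES = 20           # distinct files touched inside the window
MIN_EXT_SHARE = 0.8      # share of renames that land on one new extension

# Constructed sample events: benign editor activity plus one bulk renamer.
SAMPLE_EVENTS = []
for i in range(5):  # a word processor saving a handful of documents
    SAMPLE_EVENTS.append((100 + i, "winword.exe", "write", f"/docs/report{i}.docx"))
for i in range(30):  # one process rewriting 30 spreadsheets to ".locked" in 6 s
    t = 200 + i * 0.2
    src = f"/share/finance/q{i}.xlsx"
    SAMPLE_EVENTS.append((t, "updater.exe", "write", src))
    SAMPLE_EVENTS.append((t, "updater.exe", "rename", f"{src}|{src}.locked"))


def _extension(path):
    return os.path.splitext(path)[1].lower()


def detect(events, window=WINDOW_SECONDS, min_files=MIN_FILES, min_share=MIN_EXT_SHARE):
    """Return alerts as (process, window_start, distinct_files, dominant_ext).

    One alert per process; the first window that crosses the thresholds fires.
    """
    recent = defaultdict(deque)  # process -> events inside its current window
    alerts, alerted = [], set()
    for ts, proc, action, path in sorted(events):
        q = recent[proc]
        q.append((ts, action, path))
        while q and ts - q[0][0] > window:  # drop events older than the window
            q.popleft()
        touched = {p.split("|")[0] for _, _, p in q}
        if len(touched) < min_files:
            continue
        # Count renames that changed the extension, grouped by new extension.
        new_exts, renames = defaultdict(int), 0
        for _, act, p in q:
            if act == "rename" and "|" in p:
                src, dst = p.split("|", 1)
                renames += 1
                if _extension(dst) != _extension(src):
                    new_exts[_extension(dst)] += 1
        if renames and new_exts and proc not in alerted:
            ext, count = max(new_exts.items(), key=lambda kv: kv[1])
            if count / renames >= min_share:
                alerted.add(proc)
                alerts.append((proc, q[0][0], len(touched), ext))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        proc, start, n, ext = alert
        print(f"ALERT {proc}: {n} files touched from t={start}, renamed to '{ext}'")
```

The benign editor never trips the rule because it touches few files and keeps their extensions; the bulk renamer fires as soon as the twentieth file is renamed. In practice a detector like this is one input to a response playbook (isolate the host, snapshot the share) and pairs with the backup and archiving capability the paragraph describes, since detection alone does not restore encrypted data.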
The Bottom Line
The Economist Impact report concludes that a number of factors contribute to the rise of ransomware attacks. These include the easy availability of third-party encryption and hacking software, the likely odds of not getting caught, partner and supply chain vulnerabilities, and new ways of working from home. The best defense is to promote a cyber aware culture extended across all organizational interactions, combined with best practices to reduce risk and effective ransomware protection software installed on all organizational systems.