Dan is a 20 year veteran of the ICT industry working for global and local vendors in bringing new and innovative technologies to market in the ANZ region. During his career, Dan has been passionate about bringing a local voice and insights to global technology challenges. As the Editor of GetCyberResilient.com Dan casts a keen eye across the hot topics, trends and pulse of local security practitioners to curate stories from near and far that are most impactful in addressing our evolving risks.
From small-time nuisance to destroyer of enterprises: the rise of blackwhaling
Cybercriminals are growing more ambitious with each passing year. No longer content with just harassing consumers, they’ve set their sights on the much more lucrative enterprise sector.
We’re already seeing an explosion in ransomware incidents all around the globe, as evidenced in Verizon’s 2019 Data Breach Investigations Report. Ransomware accounted for nearly 24% of incidents where malware was used.
Your data can and will be held hostage
Attackers are after quick and easy wins and are keenly aware of how many mid to large-sized companies have terribly poor defences in place. The high probability that they’ll pay a ransom and the low probability of getting caught means it’s open season for enterprising cybercriminals to make a tidy profit. Given how attacks can be carried out across international borders, the likelihood of getting caught drops even further.
And cybercriminals are cashing in. Confronted with increasingly sophisticated attacks, most companies just end up paying the ransom, which can regularly cross the six-figure mark. A 2016 IBM study found that 70% of businesses that have been infected with ransomware have paid the ransom in an effort to regain access to their data. The study also found that, depending on the data type, 25% of business executives would be willing to pay between $20,000 and $50,000 to get their data back. It's no wonder cybercriminals are scaling up their efforts and chasing even bigger paydays.
And yet most companies haven’t budgeted for them or taken any concrete steps to manage the risk. Awareness is definitely growing, but very few organisations are taking action. Companies that choose the ‘wait-and-see’ approach are playing with fire.
Earlier this month, Australian transport and logistics company Toll Group was hit by the ransomware known as Mailto or Kokoklock, forcing it to shut down most of its IT infrastructure to prevent the malware from spreading. Again, the real cost is likely to come from interruption of service and downtime, as well as the damage to its reputation.
How to defend your organisation from ransomware attacks
The good news is, fortifying your cyber defences doesn’t have to be overly complicated. Like preparing for a kidnapping or corporate espionage, your team’s awareness and the policies you have in place will be your biggest defence. That means having sound security systems and practices in place, clear protocols to follow in case of an emergency and a well-informed, cyber-aware workforce. Here are a few measures you can take to dramatically improve your cybersecurity posture:
Boost your threat awareness
Make sure your teams stay up to date with cyber awareness training. Many attackers rely on social engineering to gain entry into a system; having your team aware of and alert to any suspicious emails will thwart the majority of attacks before they become a serious security issue.
Invest in a comprehensive threat detection solution
If your organisation deals with sensitive data, putting in advanced threat intelligence solutions can save you a lot of grief. A good solution should include multi-layered endpoint security, network security, encryption, strong authentication and regularly updated threat detection.
It might also be a good idea to keep a third-party cyber specialist on retainer to help prevent and manage any crises. The cost of partnering with an external security provider is small compared to the potential cost of a major breach.
Empower your cybersecurity team
All the technology in the world can’t help secure your organisation unless your people change their behaviour as well. To this end, empower your cybersec team to inform company guidelines, policies and procedures for protecting sensitive data on office computers and mobile devices. Agree on key measures to gauge their effectiveness, conduct regular security drills and keep testing your defences. Transparency is key, so make sure everything is documented and shared with the relevant stakeholders at regular intervals.
Develop a cyber resilience strategy
No defence is perfect. Sometimes, despite your best efforts, your data can be breached and you can find yourself targeted by a ransomware attack. That is where cyber resilience can be a lifesaver. The first advantage of being cyber resilient is business continuity; limiting downtime and interruptions will not only prevent business losses but will also keep your brand’s reputation intact. Secondly, having a reliable backup protects you against data loss, especially if your data is taken hostage. It takes power away from your attacker and gives you a wide range of options for responding to a cyber incident.