September 2017 | 9 | CIOReview

the biggest impact of ransomware is not in the ransoms being paid. Sixty-three percent of organizations that experienced a ransomware attack in the past year indicate it led to business-threatening downtime. Another 48 percent report it resulted in the loss of data or hardware. And of those organizations that pay a ransom in exchange for being able to recover their data (42 percent admit they paid the ransom), one in four never recovered the data. This is why security experts recommend that victims not pay ransoms.

Just the Tip of the Iceberg

Yet these numbers are likely not a true representation of the extent of the problem. Ransomware attacks are vastly underreported, with fewer than one in four incidents being reported. Over half of businesses admit they experienced a ransomware attack sometime during the past year. Thirty-four percent of them lost money, and 20 percent were forced to shut down their business! When these factoids are taken into consideration, the financial impact is alarming. But it gets worse: 3.5 percent indicated lives were put at risk as a result of the effects of the ransomware attack.

Organizations that think they are too small to be a target for ransomware attacks from cybercriminals should think again! Often lacking a dedicated in-house IT expert and managing IT systems that lack the necessary controls, small businesses aren't immune to ransomware attacks. Indeed, operating without the proper data protections in place to defend against, prepare for, and recover from ransomware, these businesses are quickly becoming a prime ransomware target for cybercriminals.

Nearly every industry sector and organization size is affected by ransomware. Manufacturing tops the list when it comes to percentage of total ransomware per industry (16 percent). The utilities and energy sector is a close second (15.4 percent), with technology, professional services, retail, healthcare, financial services, and legal also holding a substantial share. Several reports tag professional services as the area where there has been the fastest growth in ransomware attacks.

With cybercriminals reaping a 35-fold increase in their earnings from ransomware attacks in 2016, the frequency and sophistication of the attacks will most assuredly increase in velocity and scope. Organizations will do well to heed the following takeaways as ransomware evolves and mutates into an ever-increasing threat to organizations of virtually every shape and size:

1. Stop Known Threats: Seek out a cybersecurity solution that stops known ransomware threats across all attack vectors. This requires a layered security model that includes network, endpoint, application, and data center controls powered by proactive global threat intelligence.

2. Detect New Threats: As existing ransomware is constantly morphing and new ransomware is being released, it is important to institute the right sandbox and other advanced detection techniques to pinpoint the variants across those same vectors.

3. Mitigate the Unseen: Real-time actionable intelligence must be shared between the different security layers (and generally vendor products) and even extended to the broader cybersecurity community outside of your organization, such as Computer Emergency Response Teams (CERTs), Information Sharing and Analysis Centers (ISACs), and industry coalitions like the Cyber Threat Alliance. This rapid sharing is the best way to respond quickly to attacks and break the kill chain before it mutates or spreads to other systems or organizations.

4. Prepare for the Unexpected: Segmentation of network security helps protect against the wormlike behaviour of ransomware such as SamSam and ZCryptor. Data backup and recovery is just as important. Organizations that have recent data backups are able to spurn demands for a ransom and quickly and easily recover their systems.

5. Back Up Critical Systems and Data: Although it can be a time-consuming process to restore an encrypted system, as well as an interruption to business operations and a drain on productivity, restoring a backup is a far better option than being held hostage with no guarantee that your ransom payment will result in your data and systems being unlocked and restored. In this case, you need the right technology, processes, and even business partner to ensure your data backups meet business requirements and their recovery can be done expeditiously.

The disruption that ransomware can cause is not insignificant; WannaCry will, indeed, be a painful experience. Only by harnessing all their cyber defence resources in a coordinated way can firms effectively fight massive cyberattacks like WannaCry. Though no solution is foolproof, implementing best practices can go a long way in minimizing future tears.

Data is at the heart of most organizations today, from small businesses to large enterprises