The rapid and devastating proliferation of yet another high-profile ransomware attack – Petya – in late-June emphasises that many organisations are still not adequately prepared for such incidents.
Hot on the heels of the Wannacry malware attacks, lessons are not being learnt quickly enough. Mass-disruption is likely to continue unless major steps are taken to improve not only defences, but also processes and procedures required to protect an organisation against the next wave of attacks, which are of an unknowable nature, both in method and effect.
Looking back at 2016, we saw a huge surge in ransomware activity with a reported 638 million attacks. Comparing this to 3.8 million in 2015 highlights the significant challenge the industry faces and demonstrates what a lucrative attack vector ransomware has become.
Undoubtedly 2017 will continue to see further increases in this type of attack, and businesses large and small are going to continue to have their data held for ransom. Recently the Cyber Threat Alliance cited CyrptoWall v3 as having cost users worldwide more than $325 million to date.
Interestingly many industry experts believe that Petya, the latest ransomware attack, was not in fact intended to generate revenue by holding data to ransom, but in fact cause disruption and destroy data, with no intention of offering to restore it.
These types of incident have finally led to cyber security receiving the board-level exposure and focus that it warrants. However, the level and volume of “noise” coming from the cyber-security marketplace will continue to increase with an ever-growing number of vendors and solution providers claiming to offer the answer to our prayers.
Businesses large and small are going to continue to have their data held for ransom
Within our customer base we saw an immediate priority evaluation of ransomware awareness at a senior level, with many business accelerating projects focused on areas such as patch and vulnerability management.
But the outbreak of Petya would suggest that many organisations did not learn their lessons and were still not fully prepared for such an attack. The problem appears to be that while the awareness was raised, it may only have kept the attention of senior management for a short time. In addition, one of the key foundations of security, patch management, is not sexy and can be complex in its delivery, which has inevitably led to a situation where it still may not have received the attention it requires.
With the much-hyped European Union General Data Protection Regulation on the horizon, responding to and reporting any breach will become an increasingly important issue for companies and organisations of all sizes.
Understanding how confusing the marketplace has become for end-users, Blue Cube Security has endeavoured to review the differing approaches being offered by the industry to provide best practice advice on what procedures to follow to protect your organisation from being subject of an attack.
There can be no doubt that organisations need to take steps to stop malware from entering their environments, executing and spreading, while also attempting to manage the impact if an outbreak does occur and recover after the event. So, what steps should you take?
For further details of how Blue Cube Security can assist you in any of the areas discussed or for an independent consultation please contact us at www.BlueCubeSecurity.com/Ransomware
Blue Cube Security is an independent IT/cyber-security solution provider, with more than 17 years’ experience in the cyber-security arena, so we are able to leverage our experience and expertise to recommend best-fit solutions and services for your company. Within our portfolio we have identified a number of solutions that will assist in the protection against advanced malware and ransomware attacks. There is no one-size-fits-all approach that will automatically protect against a rapidly evolving threat landscape. However, by following the steps outlined and deployment solutions as “controls” to complement this approach, we can assist our customers in improving their cyber-security posture.
Please call us on 0345 094 3070 to discuss your cyber-security requirements
