Alastair Hartrup
Alastair Hartrup 17 August 2018
Categories B2B, Technology

Three Beliefs that Ruin your Cyber Security Plans

Ransomware and other forms of cyber attacks are on the rise and while many understand the dangers there are too many businesses out there who are severely underprepared. One of the reasons for this is due to faulty beliefs about cyber attacks and the infrastructure of organisations.

Ransomware is the fastest growing, and one of the most troubling, IT criminal enterprises attacking networks today. In fact, business models for growing and spreading ransomware are actively being marketed with some sellers making more than $100,000 per year. Ransomware as a Service (RaaS) is a new, sophisticated and efficient model that reduces barriers to entry and start-up costs for criminals who want to gain access to this lucrative market.

A report from the Institute for Critical Infrastructure Technology (ICIT) notes that poor endpoint security is one of the key factors in the growth of ransomware attacks. As this new criminal phenomenon gains steam, the headlines and articles will work their way from IT magazines to mainstream media in the way that the WannaCry attack hit the headlines back in the summer, leaving organisations open to very high profile media scrutiny. Therefore it is critical to develop security practices to protect both your network and your business reputation from these malicious attacks. Here are three myths that you should reject as you plan your defence:

"I have nothing worth stealing"

This may, in fact, be a true statement for many individuals and small businesses. However, the objective of most ransomware attacks is not to steal your data. The objective is to collect a ransom (fee) in return for decrypting your data and returning your computer or network back to normal operation. Therefore, it does not matter if your data has no value to anyone on an open market. If it has value to you, it can be a target. Something as simple as your iPhoto files of family events can be a valuable target if its loss means more to you than the cost of paying the ransom demand. A very important protection from this type of attack is to back up your important files on a regular basis. Also, be sure to back up to a drive that is not connected to your computer or network otherwise it is still at risk.

"Perimeter security is not critical"

The ICIT report mentioned above also states that, “Of the lines of network defence available to an organisation, endpoint security is uniquely capable of stemming the growing ransomware menace.” It is also important to note, however, that endpoint security is one of many potential protections that should be employed. The Next Generation Firewalls with integrated Intrusion Prevention and Data Loss Prevention appliances are a few examples of current perimeter protection devices to be deployed. The TAPs that are used to connect these devices look like a wire to the network and provide fail-safe protection, keeping the network alive in the event of power loss to the appliances. While it is best to use a multi-stage security approach including anti-malware software, the endpoints are the foundation.

"It might be cheaper just to pay up'

Some reports on this subject show that only a very small percentage of ransomware victims actually pay up. Despite this, it is estimated that businesses have lost up to $1 billion a year to ransom payments so it is a growing and lucrative business. However, sometimes money is not the ultimate target of an attack. While the victim is chasing the ransomware, the attacker is actually perpetrating another attack elsewhere in the network, stealing important confidential information.

A report by Dimension Data reveals that in 2017 the total amount of Ransomware-based attacks increased by 350% with the average pay-out rate per attack equalling £831. This success for Ransomware attacks has caused the marketplace for ransomware on the dark web to explode. This is large in part thanks to software for hacking being made available “off the shelf” to potential new cyber criminals to use as soon as they are ready. As ransomware templates spread into criminal enterprises, these attacks will become more common. It is not just traditional computer networks that are affected either as ransomware continues to affect IoT devices such as thermostats, vehicle control networks, industrial control equipment and medical devices. These are arguably more distressing to deal with as you cannot back up data like you would with your computer, giving you little choice other than to pay-up.

For now, the best defence is to layer up the security starting with a foundation of strong perimeter protection and adding malware protection software, email security, and sound access policies for users. Train users so everyone who touches your network will be aware, vigilant and sceptical of unknown messages.

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
7 reasons why social media marketing is important for your business

7 reasons why social media marketing is important for your business

Social media is quickly becoming one of the most important aspects of digital marketing, which provides incredible benefits that help reach millions of customers worldwide. And if you are not applying this profitable...

Sharron Nelson
Sharron Nelson 6 February 2018
Read more
Top 10 B2B Platforms to Help your Business Grow Worldwide

Top 10 B2B Platforms to Help your Business Grow Worldwide

Although the trend of a Business to Business portal is not new but the evolution of technology has indeed changed the way they function. Additional digital trading features and branding has taken the place of...

Salman Sharif
Salman Sharif 7 July 2017
Read more
Top 10 Skills to Become a Rockstar in Digital Marketing

Top 10 Skills to Become a Rockstar in Digital Marketing

Technology is continuously evolving, prompting marketers and entrepreneurs to dive into digital marketing to increase brand awareness, reach their target market, and ultimately drive sales and profit. 

Jessica Andriani
Jessica Andriani 7 September 2018
Read more
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more
The Difference between Traditional Marketing and Digital Marketing

The Difference between Traditional Marketing and Digital Marketing

Which strategy for marketing will provide me the perfect reach and most quantifiable profit for the income I spend? That is the question promoters are dealing with each day. Traditional marketing Vs Digital marketing...

juan yelle
juan yelle 23 July 2018
Read more