Stand and Deliver - Your Data or Your Life
Criminals love to ride the coattails of technology. There was a time when tycoons, famous movie stars or even politicians might be kidnapped and held to ransom. But it was hard work. These days though, there is a much easier (and infinitely more profitable) way for crooks to make a living - all they have to do is to kidnap your data and hold that to ransom. Welcome to the world of Ransomware.
The What and How
In essence, Ransomware is a specific type of malware (short for malicious software). Its modus operandi is to lock you out of your computer or smart device. More specifically, the idea is to prevent you accessing the data, files and information that are critical for you to be able to do your job. Cyberthieves usually encrypt this data, rendering it useless to all but those who hold an encryption key - but sometimes they might steal it altogether to be stored elsewhere or even posted online.
The bad news is that the majority of Ransomware attacks these days are network-wide in their approach - they will infect all of the devices (computers, smart devices etc.) on your company’s IT network. So basically, all of your staff (and their work) are affected. Just like a burglar who has managed to break into your home, once cyberthieves have gained access to your IT systems, they like to have a good look around to see where all the good stuff is - where all the vital data is, for example, and how your firm is dealing with backups. Once the bad guys are up to speed with all of this, they can choose when to ‘push the button’ and encrypt, steal or move your data. And yes, just like the silent-footed burglar in your house, they can be doing all of this, undetected, for days or even weeks - until they decide to announce themselves.
So, our title is a little bit dramatic. Cyberthieves are not after your life, or your blood. But wait, they are certainly interested in the lifeblood of your company - isn’t all of that data and information precious, indeed critical, for the successful day-to-day running of your organisation? Of course it is, so perhaps we are not over-dramatising here at all. And here’s the thing, the point we touched upon in our intro. Most companies that hold any kind of data are particularly interesting targets for Ransomware attackers due to the huge importance of all of that data and information - you may as well be hoarding golden Krugerrands as far as cyberthieves are concerned.
The criminals know without a shadow of a doubt that the publication of any stolen data or information from your company could have massive consequences. Indeed, if word even got out that cyberthieves were in possession of any such information (that might belong to one of your very important clients), what damage could that bring to bear upon your firm’s reputation? A reputation forged over many years, potentially wiped out in a few clicks. Ransomware agents know all of this and it offers them massive leverage for when they wish to ‘collect’ said ransom.
Think about some of the high-profile clients that your company works for. What kind of sensitive information do you hold on such clients - tax details, financial information, litigation work or perhaps even personal information? All of this information is like a red flag to a bull when it comes to cybercriminals. And whilst reputational damage might be difficult to assign a £ value to, you could also be faced with financial losses associated with any legal action taken by your affected clients - not something your partners want to be dealing with. Also, it is highly likely that your firm represents more than one client. So, with one successful Ransomware attack, criminals now have information across a spectrum of organisations.
When it comes to technology, often the most practical day-to-day solution is for your company to keep up - that means keeping up with things such as security updates, software patches, firmware etc. This is where many organisations are already failing. Here are a couple of considerations for you to look into in order to beef up security and offer a more robust defence against things like Ransomware attacks:
Mobile endpoint security - Ransomware attacks can often take the form of a phishing link. Where organisations have done their work to patch traditional vulnerabilities, cyberthieves have incorporated phishing and ransomware into an almost foolproof attack - because people will click on links from a source they think trustworthy. And with mobile device usage soaring, phishing threats can be found everywhere - in messaging apps, within social media and even on dating sites. Your people will undoubtedly be using their mobile devices for both professional and personal matters. And so, the threat posed by phishing only increases. By adopting a mobile endpoint security solution, you can help to secure your firm’s devices against app, device, and network-based threats.
Adopt a Zero Trust approach - The rise of remote working has brought about a host of technology challenges. One of them has been how to manage access to networks when people need data and files that would traditionally have been centralised in an office environment from which everyone worked. With people now trying to access the network from many locations, and from a whole host of different devices, the attack surface for things like Ransomware attacks has increased massively - hackers now have so many more attack points open to them. And this is where the concept of ‘Zero Trust’ comes in - effectively the technology default position is to trust nobody, act like everyone is a threat (until they’re not). If your firm adopts zero trust network architecture (ZTNA) you can effectively grant access to authorised users only, and only with the appropriate access permissions.
Ransomware attacks aren’t going away, and your firm can’t afford the reputational damage (or punitive financial woes) that follow on from such hacks. The technology landscape never sits still and nor should your mindset - keep up with the changes, update appropriately. Importantly, look to solutions such as mobile endpoint security and ZTNA to make things really difficult for the bad guys.