Orgs Must Prepare for New, More Destructive Ransomware
Organizations must be better prepared to deal with future strains of ransomware that will be more sophisticated and damaging, with fragile infrastructure, poor network hygiene and slow detection rates all currently giving adversaries too much time and air cover to operate.
The firm discovered that the biggest challenge companies are facing is the struggle to constrain the operational space of attackers, who are continuing to expand their ‘window of opportunity’ with greater focus on server-side attacks as opposed to client-side, by developing the sophistication of their methods and through increasing the use of encryption to mask malicious activity.
A prime example is the ever-evolving threat of ransomware, which in 2016 has grown to become the most profitable malware type in history. Cisco expects to see this trend continue with even more destructive ransomware that can spread by itself and hold entire networks, and therefore companies, hostage. New modular strains of ransomware will be able to quickly switch tactics to maximize efficiency, leaving enterprises struggling to keep up.
Further, Cisco predicts that future ransomware attacks will avoid detection by being able to limit CPU usage and refrain from command-and-control actions. These new ransomware strains will spread faster and self-replicate within organizations before coordinating ransom activities.
“It's not surprising to see that ransomware attacks are on the rise,” said Smoothwall’s corporate security specialist David Navin. “Large companies often don't allocate enough budget to security without realizing the true impact to the business, and instead we're seeing more and more businesses left vulnerable after acting on this too late.”
These were thoughts shared by Rob Norris, director of enterprise & cyber security in EMEIA at Fujitsu, who explained that whilst many organizations do not view themselves as ‘high-value targets’ and therefore have minimal protection in place, malicious actors will consider these businesses easy victims and will look to hold them to ransom through a ‘soft attack’ that compromises its data.
“With Cisco’s report predicting a new next generation of cyber-attacks, it is vital that businesses look seriously at their cybersecurity initiatives,” he said. “The fact that some aren’t is shocking, as in today’s digital landscape all businesses that use technology are at risk no matter their size.”
To help defend against the ransomware threat going forward organizations need to have enterprise grade security solutions beginning with firewalls, encryption and good security software, added Navin.
“If companies have those measures in place and continue to layer on top of that, then it will reduce the chances of a ransomware attack.”
Source: Information Security Magazine