Taking a stand against ransomware

In the wake of the WannaCry ransomware attack that disrupted the NHS and a host of other organisations across the globe, Hatem Naguib – the SVP and GM security at Barracuda Networks – said it was time businesses (and government) took a stand against ransomware and developed new ways to mitigate the risk to consumers.

Naguib said this at Barracuda’s No More Ransom roundtable, alongside Raj Samani – an advisor on internet security at the Europol Cybercrime centre and chief scientist at McAfee/Intel. At the roundtable the speakers introduced the No More Ransom portal, which takes intelligence and turns it into actionable insight for those affected by ransomware.


The pair explained that WannaCry had been building up since January 2016, and that it differed from the usual ransomware strains in that it targeted a leaked Microsoft exploit rather than targeting individual employee emails. According to a Barracuda survey, 75% of ransomware attacks originate from email as a threat vector.

#NoPay

The global WannaCry ransomware attack was not significant in terms of financial gain. In the week after the attack, only £72,000 had been paid out across the 374,000 victims. Those that did pay, to Samani’s knowledge, did not get their data back.

A few years ago, corporate policy on ransomware was to pay the ransom, because it was a relatively unknown, frightening threat. However, this practice appears to have shifted. Not paying the ransom is the best policy to have, because paying perpetuates the problem.

Huge impact

Despite its relatively small financial impact, the attack was of global significance, dominating headlines, so much so that the Disney ransomware attack, which had huge financial implications, was not nearly as well covered.


WannaCry targeted multiple organisations across the world, with some geographic black spots. Naguib suggested that the reaction was particularly strong because it was a personal attack. The really frightening aspect of this attack was that it seemingly had no purpose other than to cause chaos. The Mirai Botnet attack, using IoT devices, was clearly an attack on large organisations. But WannaCry was merciless and did not discriminate.

Constant

This, as readers will know, was not a one-off attack. ‘We are in constant crisis,’ said Samani, and ‘we have to do something better as a society’. It’s an ongoing issue, explained Naguib, and there is ‘an obligation to figure out how to protect ourselves’.

It is no good pointing the finger, continued Samani. After an attack like this, who is to blame is given the highest priority, but this is misguided. In this case, it was easy to blame the NHS’s critical infrastructure and its reliance on legacy technology. But this, Hatem explained, is unfair. To undertake something like this would be a huge, costly operation. In the NHS’s case the decision to patch machines might mean that money is not available for more beds or doctors.

Ultimately, if blame is to be placed, it should be placed on the criminals who orchestrated the attack. It’s not about bits and bytes: ransomware attacks like this really impact people’s lives, and because of the size of this latest attack, the public is becoming more aware of the threat.


This attack represents the evolution of crime. It is no longer right, suggested Samani, to differentiate between cyber crime and crime: ‘cyber crime is crime, cyber war is war. This is the world we now live in’.

Prevention

Naguib explained that having the right level of email protection is crucial to defending against ransomware attacks, while education and training of employees is vital to managing the upsurge in ransomware. The final measure is an effective backup and recovery system for an organisation’s data, should a ransomware attack infect its systems.

In a concluding thought, Samani said that technology should not be viewed in a bad light following attacks like these. It should be viewed as a force for good that can provide early digital warnings of an impending attack.

 


Nick Ismail

Nick Ismail is the editor for Information Age. He has a particular interest in smart technologies, AI and cyber security.
