Ann Marie Walter-Allen | The multibillion-dollar industry that should be giving Jamaican CEOs nightmares
OP-ED CONTRIBUTION: DATA SECURITY
Experts project that ransomware attacks could haul in US$20 billion for the perpetrators, come next year, a massive swing from US$345 million in 2015.
These staggering figures reveal both the extent of the payouts to attackers as well as the vulnerabilities that businesses face when it comes to cybersecurity. These attacks often start when a user clicks a weaponised link embedded in a seemingly innocent email.
Ransomware is but one of many cyberattacks that companies are facing today.
Yet many CEOs in Jamaica, and indeed the region, seem to think that a cyberattack will not happen to them.
‘Why would anyone be interested in my data?’ is one of the prevailing questions that incredulously mark this mistaken stance of immunity.
So to the CEOs’ question I say, the attackers are not interested in your data. Their interest is in your willingness to pay them to release your data after they encrypt it – finally putting an end to your business disruption.
The truth is, the impact of ransomware on businesses extends the nightmare well beyond paying the ransom. It affects employee productivity, your brand/reputation, and exposes your company to possible information leaks, litigation and compliance breaches. CEOs who want to avoid being victims of ransomware need to rethink their cybersecurity solution now.
It is very compelling to note that data exfiltration, or encryption (ransomware), is usually the final stage of a system breach that likely happened long before, and remained undetected by your company’s security infrastructure.
The highly regarded IT research firm Gartner agrees that “signature-based anti-malware detection is increasingly ineffective against an explosion in the number of malware variants, as well as an increase in the number of financially motivated attacks”.
Antivirus software, being signature-based, is ineffective against new attacks. The software simply can’t find a match. It’s like trying to match a fingerprint or DNA sample to a criminal who has never before had their data recorded. To make matters worse, simply re-encoding a binary file is often sufficient to bypass a signature that was previously known.
To be clear, antivirus is ineffective against new attacks.
Other areas of vulnerability occur because for many businesses today, production activities are taking place outside of the corporate premises and the traditional security infrastructure.
The traditional security stack we have grown up with – Castle and Moat – is no longer effective. This is because the users you are trying to protect no longer permanently reside within the confines of the corporate perimeter.
How the business secures its data and protects its users has to change.
Still, many of the sceptical CEOs will argue that they have a firewall and antivirus programmes, and are up-to-date. Truth is, every firewall exposed to the Internet is an attack surface and has been the entry point for some of the largest ransomware assaults.
In fact, every successful breach that has been reported had two things in common: the company had a firewall and antivirus, yet they still got breached.
What is needed is a cloud-scale solution that protects users no matter where they go and how they connect to the network in this new, work-anywhere, anytime world. Such a solution, for example, should help organisations, of any size, launch and support a remote workforce securely in a time frame measured in minutes or hours, not days or weeks.
All this makes a strong case that this brave, new world needs equally brave, new solutions to protect company data from those with ill intentions.
Here, I make the point, again: To protect against ransomware and any other type of infiltration, a single solution isn’t enough. Businesses need to look to a next-gen, cloud-based, multilayered security, one that goes with the user wherever they may be, armed with a slew of security tools working together to block malicious traffic.
Ann Marie Walter-Allen is a director of Info Exchange Limited.