How Prepared are you for a Ransomware Attack?

Standing Guard Against The Threat Of Cyberattacks

In 2021, a ransomware attack happens every 11 seconds across the globe, and in India we see 375 cyberattacks every day.
How do we prepare ourselves as organisations when challenges like these come unannounced? In this article that was featured in the Digital First Magazine, our CEO Satyamohan Yanambaka shares insights on the seriousness of cyberattacks and how best to stand guard against it.

How Prepared Are You For A Ransomware Attack?

As organisations continue to increase their digital adoption, cyber criminals have increased their endeavours to exploit the infrastructure vulnerabilities that accompany this fast-expanding digital ecosystem. One of the major reasons for acceleration of digital adoption is the rise in number of remote workers and the work from home trend which has suddenly got a boost because COVID-19 pandemic. The addition of billions of workers who now access organisations’ data from remote places all over the world has increased the number of endpoints which are vulnerable to cyber-attacks. The old infrastructure of the endpoints, older operating systems and just the sheer numbers and physical locations of the endpoints has made the job of the data security experts extremely complex and daunting.

In simple words, ransomware is a malicious software that does not allow you to access your own data or could lock your entire system. It may also steal, delete or encrypt your data.

As per a Gartner report, by the year 2025, 3 out of every 4 organisations will face one or more cyber-attack. Across the globe, businesses will pay a projected $20 billion in ransom, which is 57 times more than in 2015. The real cost of cybercrime is more than $6 trillion once we include the overall cost of recovery including data restoration as well as infrastructure, applications and business recovery. In addition to that there are hidden costs such as loss of reputation, impact on brand and customer sentiments towards the organisation which could impact its future financial growth.

Today’s organizations rely a lot on data, and that is exactly what ransomware attackers are after. The choice of paying a ransom is risky and may not be the best way to recover out of an attack. CyberEdge Group survey reports that less than half of organizations who paid a ransom could recover their files.

To avoid situations where organizations need to pay a ransom, decision-makers must focus their attention on evaluation of cyber security solutions including backup and recovery solutions, ransomware detection solutions, endpoint security solutions for protection and accelerated recovery. Organisations must also assess their readiness in terms of recovery planning. It is critical to have well-documented recovery plans with proper workflows and responsibilities assigned to various roles detailing how your organisation will respond once an attack happens.

While the reactive or corrective measures are important to ensure that your organisation recovers fast from the ransomware attack when it happens, preventive measures are equally critical to be put in place. Preventive measures are required to close security gaps by creating a current-state and target-state of maturity and initiatives to close the gaps. You can also prioritise the initiatives using factors such as effort, cost, risk, and business impact.

Neo ransomware targets to steal valuable data from the victim’s systems and sometimes encrypts it thereby preventing the users to access their own data. This gives the attackers an opportunity to demand ransom for returning the data. The attacker threatens to share the data in public domain thereby compromising the business reputation and the competitive strength. The neo attackers are more precise and are fully involved in the attack as they entrench themselves in the organisation’s network through advanced persistent threat attacks unlike the traditional ransomware attacks. It is important to note that any type of infrastructure can be disrupted by a ransomware attack — whether a business uses on-premises or hosted infrastructure on a public/ private cloud. While companies have gone ahead with accelerating digital adoption, they have created complex networks and systems thereby creating huge challenges in preventing zero-day attacks and file-less outbreaks. To enable proactive prevention, the key things to seek from the organisations are – managing effective cyber security, simplifying the technology stack and improving system performance.

Cybersecurity requires a new integrated approach with a ‘Prevention First’ philosophy. Without a fundamental change in the cybersecurity strategy, attackers will continue to prevail against security teams that are constantly playing catch-up. Neo attackers have a unique strategy of constantly and unpredictably changing their attack methodology to target predictable detection-based security solutions.

Organisations must implement purpose-built and proactive preventative techniques to prevent unknown and unpredictable threats at early stages of attacks before they can cause any damage to enterprise systems. These new solutions have the following benefits:

• Protect organisation data.
• Prevent unauthorised user access.
• Reduce complexity of IT systems.
• Accelerate recovery time after a breach.
• Improve business continuity.
• Improve confidence in organisation’s reputation.

In the new normal, after COVID-19 pandemic has hit the world, Work From Home (WFH), or even more prevalent – Work From Anywhere (WFA) has brought in new challenges.

A data breach through ransomware attack is one of the three most common ways to impact the organisation’s reputation in addition to poor customer service and environmental incidents. CXOs now have very specific needs for Cybersecurity and Privacy Compliance. Proactive approach to address the new challenges is required to keep organisations on the forefront of growth and sustainability.