Ransomware progression has now reached its new limits. A German woman who needed immediate medical attention, died after being re-routed to a hospital further away, as a nearer hospital was dealing with a ransomware attack.
Ransomware attacks continue to create more disruptions around the world. The UK’s cybersecurity agency has just warned that ransomware groups are launching ‘reprehensible’ attacks against universities as the new academic year starts. Companies of both small and large sizes are seeing more failings in their computer systems daily due to ransomware attacks.
Is ransomware inevitable in this digital world? Is this something that everyone has just learned to accept? In reality, ransomware exists because of a series of failures. While unrelated, they combine to create the conditions under which ransomware can flourish and become one of the biggest menaces on the internet today. If we want to stop the next decade from becoming the decade of ransomware, we need to make some significant changes, says Steve Ranger – UK editor-in-chief, TechRepublic and ZDNet.
Policing versus politics – Many of these gangs operate from countries where their behavior is either not considered criminal, or over-looked by authorities (so long as they don’t attack local companies), or even actively welcomed as a source of new funds. That means treating ransomware as a simple law-enforcement issue is never likely to fix the problem: these states will never hand over these gangs to outside justice. This makes ransomware a political issue as much as a problem for police. Politicians should make clear to these governments that by allowing these gangs to flourish on their soil, they are part of the problem.
Increase the pressure – Intelligence agencies also need to make tackling ransomware a priority. While, understandably, they have focused on state-backed espionage and cyber warfare, ransomware is now becoming such a problem that greater emphasis needs to be placed on identifying, tracking, and disrupting these groups. Some efforts, like the NoMoreRansom project, which offers decryption keys, are a good start, but more effort is needed.
Make paying the ransom an absolute last resort – One of the fundamental issues that allow ransomware to flourish is that it remains lucrative for the gangs because victims will pay up. It’s entirely understandable that victims do pay up especially when the alternative is going out of business or paying much more to restore data and computer systems.
But there are two problems with paying up. Firstly, it normalizes ransomware attacks and turns them into another business expense. You can even buy insurance that will cover them. Turning these attacks into just another business cost means that they are taken less seriously. There is a sense that if data is encrypted – but not stolen – then somehow the breach is less important, and that if the ransom is paid and the data unlocked, then it’s no big deal. This might even make it harder to justify spending money to protect against ransomware.
Worse, paying significant sums is a signal to crooks to move into ransomware, and also strengthens the gangs who can then take on more complicated targets. Paying the ransom makes everyone less safe.
Make security practical – Too much software is shipped with too many holes in it; knitting different systems together, which is one of the inevitabilities of any IT infrastructure, only multiplies those security gaps. Vendors need to fix software before shipping, not after. They need to make it much easier for flaws to be dealt with by their customers, for whom patching is a thankless and Sisyphean task. Equally, users of technology have to make sure they are doing everything they can to make their systems secure, which means spending more time, money, and effort on security. In many cases, this effort means patching vulnerabilities and making staff aware of the risks to stop the hackers from getting through.
By implementing CloudHost Technology’s enterprise-level secured cloud infrastructure, take a holistic, analytics-driven approach to secure what matters the most:
- Manage Identities by governing privileges, enforcing access controls, and unifying identity stores
- Secure applications by embedding strong security and best practices into DevOps processes
- Protect your data by discovering where it is, determining who has access, and guarding it wherever it resides
To know more about how CloudHost tackles security, risks, compliance issues, and our efforts in tackling ransomware, visit here.