Ramya Menon on April 11, 2017

How Enterprises in the UAE Should Prepare for the Ransomware Onslaught in 2017?


Pundits are calling it the rise and rise of ransomware. Ever since cyber criminals saw the potential of having individuals and enterprises at their mercy by gaining access to personal and professional information, cybersecurity experts are facing one of the biggest challenges in the last few years. In 2016, the number of attacks grew five fold and warnings were issued from government officials in many countries including the UAE.

In fact, according to a report released by technology company Symantec, it was found that instances of the crypto-ransomware has grown by 44% in the UAE since last year. Gulf News reports that businesses in the UAE were a victim of 2.7 per cent of global targeted attacks, with an organisation facing an average of 2.2 attacks through 2016. This threat is expected to grow significantly this year. This pervasive form of cyberattack can be debilitating to enterprises, regardless of size or industry, and can cause grave amounts of stress and costs to consumers. The skyrocketing growth is due to that fact that ransomware is getting easier and easier to send and that it offers a quick and easy return on investment.

Other types of cyberattacks typically take more work to monetize. Stolen credit card numbers have to be sold and used before the cards are canceled, for example. Identity theft takes even more of a time commitment.

With ransomware, however, victims tend to pay quickly. Instead of hunting through company networks for valuable data, exfiltrating it, processing it, and monetizing it, ransomware criminals can just sit back and watch the money flow in.

With more and more companies becoming reliant on data mining, a data breach can cost companies more than just money. And the stark reality is that there is no magic potion to fight this infection that is spreading across the digital ecosystem. The only solution is a layered approach to securing against ransomware, including extensive training of employees.

The first step towards building resilience to ransomware is to identify where the attacks are coming from. According to a report released by PhishMe, 93% of phishing emails contain encryption ransomware. It is the easiest way in which weak links within a personal and professional environment can compromise information. Anti phishing software is one layer of protection companies can add to prevent data breaches. Leveraging on our own 25 years of experience in the cybersecurity industry in the UAE, we have developed our own inhouse product to protect against phishing. VPhish, unlike many of the products available in the industry, does a hygiene check on how employees react to phishing attempts. Therefore it helps to build a process around protecting against phishing and identifying points of vulnerability.


But the biggest step towards protecting against ransomware is to back up data diligently. Nowadays attacks are not restricted to gaining access through phishing. Every day more and more creative attempts are made to breach cybersecurity. If you are attacked with ransomware you may lose the data that you were working on just a few hours before the attack, but if you can restore your system to an earlier snapshot or clean up your machine and restore your other lost documents from backup, you can rest easy in terms of business continuity.

But the biggest step towards protecting against ransomware is to back up data diligently. Nowadays attacks are not restricted to gaining access through phishing. Every day more and more creative attempts are made to breach cybersecurity. If you are attacked with ransomware you may lose the data that you were working on just a few hours before the attack, but if you can restore your system to an earlier snapshot or clean up your machine and restore your other lost documents from backup, you can rest easy in terms of business continuity.

Network administrators can also limit access to prevent thousands of employees from becoming trigger points to security breaches. Administrators can also segment access to critical data using redundant servers. If one server gets locked by ransomware, it won’t affect everyone. This tactic also forces attackers to locate and lock down more servers to make their assault effective. So Identity and Access Management (IDAM) will continue to be a dominant topic in cybersecurity discussions for all enterprises.


Yet another yesteryear cyber security thumb rule to help with protection against ransomware is to enable the viewing of file extension. In Malicious attacks, extensions like .exe can easily be hidden as word documents, images and so on. But if downloaded and opened they can tap into all the data causing huge breaches. Network administrators should enable this on all the systems.

Besides these general security practises also will need to be followed. Educating yourself and your employees about accessing public networks, enabling firewalls, having a secure password system, installing updates and so on can also mitigate attacks to a certain extent.

These measures will still not ensure complete protection against ransomware. But at least these measures can ensure some level of protection against ransomware. Ransomware brought extortion to a global scale, and it’s up to all of us, users, business-owners and decision-makers, to disrupt it.





Top Posts:


Top

Help Desk