Intelligent CIO APAC Issue 14 | Page 33

EDITOR ’ S QUESTION
MARK LUKIE , SALES ENGINEER MANAGER – APJ , BARRACUDA

If your organization falls victim to a ransomware attack , the very last thing you should do is pay the cybercriminal ’ s demands .

Buckling under the threat and making payment , usually in Bitcoin or another cryptocurrency , may seem like the easiest way out of a dark corner , but it does nothing to help stem the rising tide of attacks occurring around the world . It also doesn ’ t guarantee you ’ ll actually regain access to your data .
A further risk arises when cybercriminals copy sensitive data before they encrypt it . Even if the ransom is paid , they still have the option of selling this data to another party or simply releasing it in the hope of causing reputational damage to the victim .
The recent surge in ransomware attacks has been aided by the large number of people who have been forced to work remotely during the COVID-19 pandemic . No longer protected by perimeter security as they are in the office , they ’ re more open to threats and attacks .
Ransomware is also proving very lucrative for criminals as a result of surging cryptocurrency prices . The digital currencies are the perfect payment mechanism as they are unregulated and difficult to trace .
Attacks are also increasing in number because of the relative ease with which they can be conducted . It ’ s even possible to make use of so-called ‘ ransomware- As-a-Service ’ which removes the need for any technical knowledge at all .
It should also be noted that paying a ransomware demand can also put an organization at a greater risk of further attacks . It is a winning situation for a hacker when they receive payment , so they are likely to target the same organization multiple times . As long as the opportunity for payout remains , the attacks will continue .
Preparation is better than payment
To avoid falling victim to an attack , and ensure systems can be recovered quickly should one occur , every organization needs to have some key elements in place . These include :
• Advanced Firewalls : If a user opens a malicious attachment or clicks a link and triggers a download , an advanced network firewall provides a chance to stop the attack by flagging the executable as it tries to pass through .
• Malware and phishing detection : For emails with malicious attachments , static and dynamic analysis can detect indicators that the document is trying to download and run an executable file . Phishing emails that can lead to an attack can also be spotted and quarantined for further inspection .
• Zero Trust : Rather than relying on traditional VPN links , implement a strategy of Zero Trust to ensure users , applications and data are secure at all times .
• Regular backups : Conducting regular backups of critical data is a vital part of any preparations . If an attack happens , cloud backup can allow core systems to be quickly restored , minimizing cost and disruption .
• User-awareness training : The weakest link in any security infrastructures continues to be the users . By visiting a rogue website or opening a suspicious email attachment , they can unwittingly launch an attack that brings their organization to its knees . Conduct regular training sessions to explain the nature of the threat and the basic steps they need to be taking to reduce risk levels .
All evidence points to the number and severity of ransomware attacks continuing to grow in the months ahead . This is why preparation rather than payment remains the best strategy to follow .
www . intelligentcio . com INTELLIGENTCIO APAC 33