It’s been a year since the WannaCry ransomware struck. In a four-day period it attacked 300,000 computers, and cost businesses and individuals billions of dollars.
Gad Naveh of Check Point's Threat Intelligence and Research & Development team did some research on what’s happened in the past year. Since then hackers have created offshoots of the ransomware and they are creating more chaos. His research also points out that — in spite of the continuing threat — businesses still aren’t prepared.
• 77% of chief information security officers (CISO) say they are not equipped to handle these attacks
• Staffing challenges are a problem
• Security technology conflicting with business operation is another
• Just 3% of businesses have the protection needed to repel an attack
• 79% are using security solutions from generations two and three
By the way, Naveh points out that we are now up to generation five — Gen V — of this kind of ransomware. The genesis of ransomware is pre-2000.
He is very critical of nations and businesses and says it’s time for the U.S. and other nations to put an end to this problem. He writes, “It does not really matter who launches an attack or why — countries and global business communities simply need to defend themselves better — because the large-scale, multi-vector nature of these attacks are several generations beyond the average enterprise’s security capabilities.
The reality is we’re spending trillions globally on military defense technologies, but investing only a fraction of that on defending businesses and infrastructure against cyber attacks.”
He suggests going back to the basics to start:
• Segment networks to quarantine attacks
• Segmentation stops them from propagating
• Deploy advanced, real-time threat prevention
• This stops attacks before they get a foothold on a network or networks
• Do this across all environments:
He also notes we need to get past petty differences and work together — large businesses and small. “Because cyber attacks have become the modern weapon of choice for crippling critical infrastructure, we must work together as a global cybe security community to not only protect individual organizations but also to create a shared vision around protecting cities, nations, and the citizens within them. Without a concerted, collaborative effort, we can expect nations, communities, and our most trusted companies to continue to be woefully unprotected against the next mega cyber attack,” he said.
Another report comes to similar conclusions. Datto is a cyber security and data backup company. It recently released its third annual Global State of the Channel Ransomware Report.
The report says ransom ware is the leading cyber attack experience by small to medium-sized businesses (SMB). Ransomware tops viruses and spyware as the biggest threat to their firms.
• 55% of managed service providers (MSP) said their clients experienced a ransomware attack in the first six-months of this year
• 35% said their clients were attacked many times
• Some said they were attacked multiple times during a day
• 92% of MSPs predict the number of attacks will continue at this rate or a higher rate
In the report, the MSPs said their clients have anti-virus software but it’s not enough.
• 85% report ransomware protection is installed
• 65% say email and spam filters are installed
• 29% say their clients have pop-up blockers
All failed to block the ransomware attacks.
As we know, downtime for a small business leads to lost revenue. If the downtime is long enough, a small business can fail. The report says, the downtime and cost of the attack in other areas is 10-times what it costs to pay the ransom.
• The average cost per business is $46,800
• The average ransom is $4,300 per attack
James Bergl is is a director at Datto APAC. He said most businesses don’t report these attacks and just one in four get reported to authorities.
By the way, if you’re an Apple user and think you’re safe, Bergl said Apple operating systems are becoming increasingly vulnerable. In the report, five times as many MSPs reported ransomware attacks on the macOS and iOS platforms from last year to this.
He said the worst attacks are happening in Asia.
The report said the best protection against a ransomware attack is employee training. Education and training are highly recommended. And it is suggested that the training be ongoing and in areas where ransomware attacks are must likely to occur:
• Phishing attacks
• Malicious websites
• Web ads
• Clickbait directed toward a business
Source links: The Next Web, Security Asia