When it comes to practical, real-world protection, cyber-security measures are often not implemented in the way players in the security community would hope. For example, in the case of a ransomware attack, it may appear costlier to restore data from backups than to accede to ransom demands.
Some businesses also do not have backups, or these may not be properly implemented leaving backups vulnerable to ransomware attacks or other risks. The origins of ransomware attacks are often phishing emails containing malware files or links via which to download malicious files. So the transmission method in this instance would be considered email, with a focus on social engineering.
Security products designed to detect malicious emails, files, links or traffic may also be improperly configured, or simply absent. Users may disable or go around security products if they feel those measures are preventing them from doing their jobs.
Whatever the root cause, the end result is that affected businesses may feel they need to pay criminals in hopes of getting their data back. Unfortunately, it will take some powerful action to reverse this trend.
While the specifics of monetary damage vary from one organisation to another, the likelihood of being attacked is currently very high for all industries and sizes of business. By setting in place a solid base of security, we may be able to decrease both the effects of future malware threats and the risk posed by new technology.
Companies can regularly categorise assets and data transmission methods to pinpoint possible vulnerabilities, risks and potential cost of those risks to get a sense of what gaps to address. Unfortunately, any data or systems that are accessible on the network or via the internet are automatically at risk of being encrypted.
To reduce the risk you can install data backups regularly and verify these to mitigate risk, segregate your network to limit the effects of malware once it’s on your systems, filter your email for spam and phishing, as well as block popular file-types used by malware authors and educate users to practice on cyber-security etiquette at all times.
Encouraging users to submit suspicious emails or files to IT or security staff for effectiveness, applying Anti-malware software used on the gateway, network and endpoint devices and using strict Firewalls and intrusion prevention software on your network will also help reduce risks of malware attacks.
Thoroughly assessing risk and improving an organisation’s overall security posture can significantly decrease frequency and severity of all types of security breaches. Despite the current troubles, the opportunity exists to make a significant transformation that could serve as a model of positive change for businesses and industries, as the Internet of Things makes its way into our homes and workplaces. The writer is the Country manager for Internet security firm ESET Kenya