PC-JUL22-PG08-09.1_Layout 1 26/07/2022 10:01 Page 8
COMMUNICATIONS & NETWORKS
WHAT’S NEXT WITH RANSOMWARE?
providers. They have websites, feature updates, community forums and subscriber benefits as well as portals to keep track of your attack attempts. Inexpert hackers who would not be able to develop ransomware code themselves can become RaaS affiliates or pay for a ransomware package. This gives them access to malware developed by a RaaS operator which they can use to launch sophisticated ransomware attacks. The rise of RaaS means that ransomware
attacks are now quicker and easier to carry out. On the other hand, cyber security experts may be able to identify which RaaS operator an attack is coming from by analysing their tactics. Knowledge of the operator’s model in previous attacks can help experts decide how to proceed with a current attack to mitigate the financial and data losses. How to protect yourself from RaaS:
• If you become a victim, contact a cyber
Anthony Green, CTO of FoxTech, gives us an update on the latest ransomware tactics, and how to stay one step ahead of the attackers
cyber attack, and it costs the global economy an estimated USD$20 billion in 2021. For those hit by an attack, recovery cost an average of USD$1.8 million, and a third of companies were forced to pay the ransom to retrieve their data. Ransomware is a form of malware which
T
can either lock you out of your network or encrypt all your data. Once your system has been infected, the malware will ask you to pay a ransom (typically in an untraceable cryptocurrency such as Bitcoin) in exchange for the return or decryption of your data. How and why is the ransomware landscape
changing? Why do hackers evolve their tactics? Anthony Green has first-hand insight into the changing tactics of cyber attackers. He helps businesses who have fallen victim to an attack and works to strengthen the resilience of vulnerable organisations. He said: “It sounds like a cliché, but
ransomware attacks rely on the element of surprise, which is why cyber criminals are notoriously agile. By constantly changing their tactics, threat actors bewilder their victims, and incite a sense of panic that results in the ransom being paid. “2021 saw several major ransomware
here’s no doubt that ransomware is a threat to businesses all over the world. It’s one of the most devastating forms of
attacks. Probably the most high-profile were the Kaseya attack, and the Colonial Pipeline attack. This led to the US government demanding consequences for major threat actors, contributing to ransomware operator REvil being infiltrated and shut down. However, this hasn’t solved the problem. Other attackers are keen to avoid similar retribution so many operators are staging false shutdowns and reopening under new names. Ultimately, cyber criminals are extremely agile and elusive, so ransomware is not going away any time soon. Businesses need to get informed and take the right steps to increase the resiliency of their systems.” So, how are ransomware attackers
operating, what tactics are hackers currently using, and crucially, how can businesses protect themselves? FoxTech provides its guide below: Ransomware as a Service (RaaS) In 2021 we saw the effects of Ransomware
as a Service (RaaS). The RaaS model has expanded massively in recent times, and it’s big business. It facilitated a huge rise in ransomware attacks in 2021, a trend which is predicted to continue throughout 2022. How does it work? Malicious RaaS
companies operate in a similar way to legitimate Software as a Service (SaaS)
8 JULY/AUGUST 2022 | PROCESS & CONTROL
security expert immediately – they will have knowledge of each RaaS operator’s model in previous attacks and may be able to identify which operator an attack is coming from by analysing their tactics. This can help them decide how to proceed with a current attack to mitigate the financial and data losses • Prevention is always better than cure.
Invest in expert cyber security monitoring from a Security Operations Centre that can identify breaches before an attack is launched, and regularly patch vulnerabilities to your network • Conduct cyber security training with your
employees - most ransomware attacks originate with a phishing email. The National Cyber Security Centre offers an excellent free training programme. Medium-sized businesses Research on the first quarter of 2022 by threat intelligence firm Analyst1
, has shown
that cyber criminals are shifting ransomware tactics away from corporate ‘big game hunting’ and instead attacking medium-sized businesses. After the string of high-profile ransomware
attacks in 2021, and the subsequent international pressure to find and dismantle criminal groups, it is thought that the major threat actors are keen to remain under the radar with lower-profile attacks. In addition, smaller companies are likely to be less prepared to deal with an attack, and often have more IT vulnerabilities than large corporate companies. How to protect yourself: • Know your risk, so you can begin to
mitigate it. FoxTech offers a free Cyber Risk score which operates like a credit score for your cyber security • Smaller businesses that do not have the
capacity to employ cyber security experts in- house should look to find a trusted cyber
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64 |
Page 65 |
Page 66 |
Page 67 |
Page 68 |
Page 69 |
Page 70 |
Page 71 |
Page 72 |
Page 73 |
Page 74 |
Page 75 |
Page 76 |
Page 77 |
Page 78
