You are here
Defending against threat of ransomware and other cyberattacks
AS the number and severity of cyber crime attacks continue to climb, it is not surprising that companies are finding it increasingly more difficult to keep up with the pace.
A staggering 59 per cent of companies last year reported an increase in the severity of cyber exploits, while 53 per cent of the same respondents said that the number of cyber exploits have risen, according to a survey of about 1,700 companies by Ponemon Institute.
Yet, only 39 per cent feel that their existing cyber defences are highly effective in detecting cyber exploits, attacks or breaches.
In particular, one form of cyber attack that seems to be a growing cause of alarm is ransomware, a type of malicious software that operates in a manner akin to digital extortion.
Like other malicious software, ransomware installs itself on computers, often through an e-mail or a download link.
Most commonly, the ransomware then locks some or all of the user's files, preventing the user from gaining access to any data stored in the computer.
Afterwards, the ransomware will leave several messages instructing the user to pay a fee in order to decrypt the files. This fee is usually paid through a form of crypto currency, such as Bitcoin. If the user refuses to pay, usually within a fixed deadline, the user's computer might be permanently locked.
In May last year, WannaCry, one of the most destructive ransomware ever released, hit more than 200,000 computers - including those from Renault and FedEx - across 150 countries, said Europol, the law enforcement agency of the European Union. One report from cyber risk modelling firm Cyence estimates that total damage caused by the attack could cost up to US$4 billion.
Just last month, the effects of the WannaCry ransomware attack were still being felt, as a new wave of WannaCry ransomware infected a dozen of Connecticut government agencies in the United States.
Such attacks have certainly spooked many companies.
According to a survey by Vanson Bourne last year , ransomware is now ranked third among major security concerns - after data loss and phishing - indicated by 55 per cent of respondents.
Additionally, more than two thirds report that they are much more concerned now about ransomware than they were three years ago.
However, the story does not end there - it seems as though companies are bracing themselves for the situation to get far worse before it will get any better. At least four in ten respondents forecast that their organisation will be much more concerned about ransomware.
On the whole, cyberattacks are constantly mutating into newer, more aggressive versions, and ransomware is just one of the forms that have gained notoriety in recent times.
The answer to the 24/7 and ever-changing nature of cyber attacks lies in automation.
Automation in cyber defence is not new, but many companies are still slow to rely on automated tools.
The same survey from Ponemon Institute showed that more than half of the companies had automated tools. But only a fifth of the companies said their organisations' approach to cyber defence primarily relies on these technologies. A key stumbling block is the complexity of automated cyber defence. The majority of the companies polled agreed that the integration of cybersecurity automation within their companies' existing IT security architectures is a complex and time-consuming process.
However, as cybercrime is expected to become a US$2.1 trillion business by 2019, companies should be prepared to face more damaging and diversified attack strategies that can breach even the strongest of defences.
While companies cannot prevent cybercriminals from attacking them, they can control how successful these attacks are.
As such, Juniper Networks is advocating a new approach that is unified, automated, intelligent and consistent across any environment.
A successful security strategy will embrace a unified approach, harnessing every network asset into a seamless cyber defence system. A unified security platform offers an all knowing, all seeing methodology with protection woven into the fabric of the network enabling the detection of internal and external threats.
Adoption of a unified strategy also provides a single point of visibility, management and reporting to strengthen the defence posture while simplifying the company's security environment.
Time is of the essence and when a breach occurs every second counts. To meet these time demands, security processes including policy management, enforcement and remediation must be automated as much as possible.
Automating these processes will significantly reduce the time line for stopping threats on the network. At the same time, automation reduces staff and operating costs, supplementing inexperienced security staff. Statistics from Ponemon Institute showed that cyber automation can save an average of more than US$2.3 million in operating costs.
The dizzying speed at which cybercrime moves poses the most problem for security professionals. Staying ahead of cyber criminals requires an implementation of smart security defences that leverage advanced machine learning. It provides near real time threat data on all the traffic traversing the network.
A security platform with embedded machine learning will also automatically adapt as threats evolve, fortifying defences against never-before-seen attacks.
Threat intelligence gives your security team insight on anomalies and the ability to identify when a threat is likely to occur.
An increasing number of enterprises are building their business on diverse network architecture. According to a study by Tech Pro Research in August last year, 36 per cent of companies have adopted a hybrid cloud strategy and 37 per cent were in the process of evaluating hybrid cloud adoption.
These diverse environments demand a simplified and unified security approach that provides consistent protection across all locations.