Back in October, odix was hosting a webinar on the future of ransomware. The event focused on how ransomware has evolved to being the main attack vector used by cybercriminals across the world. More importantly, however, were the questions how ransomware will evolve further and organizations can do to prevent or at the very least mitigate ransomware attacks.
The panel consisted of Amir Rashad, CEO of supply chain management company Centersource.io, Cybersecurity & Compliance Manager at CountryMark Stephanie Scere as well as odix CTO Omri Eytan. For Cyberprotection Magazin, Editor Patrick Boch joined the panel.
The popularity of ransomware
In order to explain the popularity, the panel first touched upon the reasons why ransomware is so popular these days. Unfortunately, it cannot be broken down to one specific reason, which would’ve made the mitigation and defense against ransomware a lot more easy. Instead, quite a few developments help spark the ransomware market. Amir Rashad pointed out one of the major weaknesses of cybersecurity, the human factor – after all, ransomware often enters an organization through some form of social engineering. In addition, the existence of cryptocurrencies makes it easy for criminals to obtain their payment – something which was harder to do before the rise of bitcoins and other forms of anonymous digital payment. Finally, Stephane Scere emphasized the darknet, and particularly the thriving underground economy which nowadays offers “ransomware-as-a-service”, making ransomware attacks available even for those attackers, who might not possess the technical knowledge for launching an attack of their own.
That last point is especially interesting when you consider that studys show that there are only a handful of different ransomware strains, which points to just a few players owning the overall market for ransomware. Just as in the “real” economy, that shadow economy therefore works by providing a few platforms that literally anyone can utilize. With “plug-and-play” kits, tutorials how to use and how to spread ransomware, and even an initially low financial investment, “the bar to get into that business became really low”, as Omri Eytan from Odix put it.
Awareness is key
As a consequence of the broad spectrum of the origin of ransomware attacks, the panelist agreed that ransomware is here to stay, at least in the short- and mid-term. However, organizations are not helpless against these kinds of attacks. Amir Rashad suggested to have a close look at the general cybersecurity hygiene. One example he mentioned was off-boarding employees: “it’s very important to have a very clear off-boarding program for employees who leave to ensure that all their services are closed, that if they know any shared passwords that those are changed.” Other things to consider in this context are concepts such as Zero-Trust, i.e. only giving users the permissions needed to do their actual job.
As a first step, however, cyber awareness campaigns should become more common. When we cross a street, we know to look left and right first to ensure not to be run over. This mindset is yet to become common sense when working with electronic equipment. If you look at the most common passwords, most of them are can easily be broken within seconds – quite literally – rendering any subsequent measure of entering the digital premise useless. This ties in with some of the findings that we have highlighted here at Cyberprotection Magazine: Even the most basic security measures go a long way in protecting an organizations’ assets. Don’t get confused by acronyms and terms the cybersecurity industry throws at you. Rather, start with some common sense, a few easy-entry tools and solutions to protect your most important assets and, not to forget, make sure you and your employees understand the consequences of a cyber attack. True, those measures will not prevent Ethan Hunt from the Mission Impossible Force exploiting your assets, but it will definitely keep the average cybercriminal at bay.