Held to Ransom: Keeping Your Data Out of the Wrong Hands

Held to Ransom: Keeping Your Data Out of the Wrong Hands

Gad Elkin

Head of EMEA Security at F5 Networks

Views 207

Held to Ransom: Keeping Your Data Out of the Wrong Hands

18.01.2017 11:45 am

Gad Elkin, Head of EMEA Security, F5 Networks

In the 1996 film Ransom, Tom Mullen (Mel Gibson) attempts to retrieve his son from the clutches of a villain, leading a team of FBI agents to heroically save the day. Whilst this film and many others like it cast up images of money arranged neatly in suitcases and dramatic shoot-outs, the tactics of modern criminals have evolved significantly, instead holding businesses hostage via their data.

Hospitals, governments and banks alike have been targeted with ransomware - a form of malware that restricts access to personal files and demands a monetary ransom to be paid before access is returned - with the number of malicious attacks increasing by 16 percent this year alone. The frequency of these attacks and criminal intent behind them highlight that cyber-threats have moved into a new era. This change is reflected in consumer attitudes, with our recent research revealing that 85% of consumers would like to see more hacker convictions and stricter penalties against offenders. Being faced with cyber-extortion threats can be a traumatic experience for any business, but knowing what you’re up against and how to secure your IT effectively can help to remove these worries from the conscience of business leaders.

Knowing your enemy

Early ransom demands were generally low-level, made via email and paid scant attention. They would revolve around DDoS-type attacks that hackers would threaten to execute if a Bitcoin payment was not received, as demonstrated by hacker groups such as DD4BC. Alternatively, devices would be forcibly encrypted, with a fee demanded in order for users to access data stored on them. Whilst the significant pay-out involved means that financial services are consistently targeted, the tactics used have undergone some changes.

Whilst attacks have increased in intensity, hacker groups have also chosen to flex their digital muscles by launching attacks to a very specific intensity, so as to demonstrate their precise capabilities to victims. Another notable shift has been towards publicly shaming victims, a prominent example of which is the Ashley Madison breach. In such instances, hackers already have access to your data and the ransoms victims pay are purely to ensure that it is not released into the public domain.

In addition to the traditional email format, ‘malvertising’ campaigns are also being implemented, even as users visit legitimate websites. With outsourced cloud computing now also commonplace, service providers are being increasingly targeted. This can have a devastating impact, potentially triggering a domino effect by indirectly infecting their customers.

Don’t put your money where your mouth is

Despite their growing incidence, businesses are seemingly unaware of best practice when it comes to reacting to ransom demands. In fact, research from the IoD and Barclays recently found that only 28 percent of cyber-extortion cases are reported to the authorities, highlighting that victims are happier to pay ransoms than risk the release of sensitive data and the associated bad publicity. As our research showed that half of UK consumers would not share data with or purchase products from a company that has been hacked in the past, business leaders’ concern over the reputational impact of cyber-attacks is clearly validated.

Of course, this overwhelming concern for your data is exactly what cyber-criminals are counting on; in reality, businesses should avoid paying an extortionist. Recent advice from the FBI states that ‘paying a ransom not only emboldens current cyber criminals to get involved in this type of illegal activity… by paying a ransom, an organisation might inadvertently be funding another illicit activity associated with criminals.’ Furthermore, perpetrators are encouraged to carry out repeat attacks on the same target if they show willingness to pay up. Most importantly, there are often significant question marks over how real these threats are. Taking the example of recent attacks by the Armada Collective, thought to be a derivative of DD4BC, there was no way the group could have known which of their victims paid a ransom, suggesting that the threat was likely redundant. 

Prevention is better than the cure

Although businesses are beginning to better educate their employees about potential risks and best practice for responding to cyber-ransoms. Before considering this, they must ensure that integral applications are well protected against sophisticated attacks. The first stepping stone to this must be a full evaluation of a business’s current infrastructure, to assess whether they would be able to withstand an attack of the magnitude that hackers are now capable of producing. Following this, employing a combination of on premise and cloud-based services can mitigate attacks in real-time and prove cost-effective by scaling up and down depending on attack volume and intensity.

Another key element is ensuring that your business is protected around the clock. Access to expertise, reporting and analysis at your fingertips is now a requirement to keep businesses and end-consumers safe and satisfied. Businesses have shown a growing inclination towards managed security services and the high-level expertise associated with them, given the increasingly hostile spectrum of cyber-ransom threats.

Over the past few years, the primary change in attitudes to cyber-ransoms has been that businesses are now immediately acting on ransoms demands posted by hackers, rather than only taking them seriously once significantly impacted. Whilst this is a positive, many are now moving towards the other extreme by paying hackers without sufficient consideration, something that can only serve to perpetuate the problem. Fundamentally, putting the appropriate measures in place to secure your applications will relieve worries over cyber-extortion, a scenario far preferable to giving up business revenue unnecessarily.

Latest blogs

Darren Capehorn Icon Solutions

Unbanked and Unconnected: Supporting Financial Inclusion Beyond Digital

Many of us take it for granted, but accessing basic financial services is fundamental to our economic and social development. It is hard to ‘get on’ if you are forced to hide life savings under the mattress, or rely on predatory loan sharks for Read more »

Konstantin Demishev Archer Software

How Machine Learning Helps Fintech Companies Detect Fraud

Machine learning (ML) is one of the most discussed technological tools, and if in the past only a few companies could use it due to high cost and lack of resources, today many industries use ML. The financial sector is not an exception and embraces Read more »

Nish Kotecha Finboot and Bryan Foss, NED, Visiting Professor at Bristol Business School and member of the FRC Audit & Assurance Council

How Listed Companies Can Use Blockchain to Prevent Auditing and Reporting Malpractice and Avoid Scandal

Not too long ago, there was very little to link Wirecard, the disgraced payments platform in Aschheim, Germany, with Boohoo, the fast-fashion online retailer in Leicester, England, but both have recently been embroiled in high-profile scandals. Read more »

Leon Muis Yolt Technology Services

The Time for Financial Services to Become Truly Digital is Now

The financial services industry looks set to change dramatically over the next couple of years in response to COVID-19. The pandemic has certainly highlighted some inefficiencies and weak spots in current processes for many businesses, such as those Read more »

Granville Turner Turner Little

The Lockdown Money Revolution

Many Brits have found that lockdown has been beneficial for their money, having cut back on personal spending and managing to put away some extra cash. According to eToro, Brits with unspent discretionary income are set to accumulate £75.5bn in Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel