Held to Ransom: Keeping Your Data Out of the Wrong Hands

Held to Ransom: Keeping Your Data Out of the Wrong Hands

Gad Elkin

Head of EMEA Security at F5 Networks

Views 194

Held to Ransom: Keeping Your Data Out of the Wrong Hands

18.01.2017 11:45 am

Gad Elkin, Head of EMEA Security, F5 Networks

In the 1996 film Ransom, Tom Mullen (Mel Gibson) attempts to retrieve his son from the clutches of a villain, leading a team of FBI agents to heroically save the day. Whilst this film and many others like it cast up images of money arranged neatly in suitcases and dramatic shoot-outs, the tactics of modern criminals have evolved significantly, instead holding businesses hostage via their data.

Hospitals, governments and banks alike have been targeted with ransomware - a form of malware that restricts access to personal files and demands a monetary ransom to be paid before access is returned - with the number of malicious attacks increasing by 16 percent this year alone. The frequency of these attacks and criminal intent behind them highlight that cyber-threats have moved into a new era. This change is reflected in consumer attitudes, with our recent research revealing that 85% of consumers would like to see more hacker convictions and stricter penalties against offenders. Being faced with cyber-extortion threats can be a traumatic experience for any business, but knowing what you’re up against and how to secure your IT effectively can help to remove these worries from the conscience of business leaders.

Knowing your enemy

Early ransom demands were generally low-level, made via email and paid scant attention. They would revolve around DDoS-type attacks that hackers would threaten to execute if a Bitcoin payment was not received, as demonstrated by hacker groups such as DD4BC. Alternatively, devices would be forcibly encrypted, with a fee demanded in order for users to access data stored on them. Whilst the significant pay-out involved means that financial services are consistently targeted, the tactics used have undergone some changes.

Whilst attacks have increased in intensity, hacker groups have also chosen to flex their digital muscles by launching attacks to a very specific intensity, so as to demonstrate their precise capabilities to victims. Another notable shift has been towards publicly shaming victims, a prominent example of which is the Ashley Madison breach. In such instances, hackers already have access to your data and the ransoms victims pay are purely to ensure that it is not released into the public domain.

In addition to the traditional email format, ‘malvertising’ campaigns are also being implemented, even as users visit legitimate websites. With outsourced cloud computing now also commonplace, service providers are being increasingly targeted. This can have a devastating impact, potentially triggering a domino effect by indirectly infecting their customers.

Don’t put your money where your mouth is

Despite their growing incidence, businesses are seemingly unaware of best practice when it comes to reacting to ransom demands. In fact, research from the IoD and Barclays recently found that only 28 percent of cyber-extortion cases are reported to the authorities, highlighting that victims are happier to pay ransoms than risk the release of sensitive data and the associated bad publicity. As our research showed that half of UK consumers would not share data with or purchase products from a company that has been hacked in the past, business leaders’ concern over the reputational impact of cyber-attacks is clearly validated.

Of course, this overwhelming concern for your data is exactly what cyber-criminals are counting on; in reality, businesses should avoid paying an extortionist. Recent advice from the FBI states that ‘paying a ransom not only emboldens current cyber criminals to get involved in this type of illegal activity… by paying a ransom, an organisation might inadvertently be funding another illicit activity associated with criminals.’ Furthermore, perpetrators are encouraged to carry out repeat attacks on the same target if they show willingness to pay up. Most importantly, there are often significant question marks over how real these threats are. Taking the example of recent attacks by the Armada Collective, thought to be a derivative of DD4BC, there was no way the group could have known which of their victims paid a ransom, suggesting that the threat was likely redundant. 

Prevention is better than the cure

Although businesses are beginning to better educate their employees about potential risks and best practice for responding to cyber-ransoms. Before considering this, they must ensure that integral applications are well protected against sophisticated attacks. The first stepping stone to this must be a full evaluation of a business’s current infrastructure, to assess whether they would be able to withstand an attack of the magnitude that hackers are now capable of producing. Following this, employing a combination of on premise and cloud-based services can mitigate attacks in real-time and prove cost-effective by scaling up and down depending on attack volume and intensity.

Another key element is ensuring that your business is protected around the clock. Access to expertise, reporting and analysis at your fingertips is now a requirement to keep businesses and end-consumers safe and satisfied. Businesses have shown a growing inclination towards managed security services and the high-level expertise associated with them, given the increasingly hostile spectrum of cyber-ransom threats.

Over the past few years, the primary change in attitudes to cyber-ransoms has been that businesses are now immediately acting on ransoms demands posted by hackers, rather than only taking them seriously once significantly impacted. Whilst this is a positive, many are now moving towards the other extreme by paying hackers without sufficient consideration, something that can only serve to perpetuate the problem. Fundamentally, putting the appropriate measures in place to secure your applications will relieve worries over cyber-extortion, a scenario far preferable to giving up business revenue unnecessarily.

Latest blogs

Nabeel Irshad Mastercard

Two sides of the same coin: Financial and digital inclusion

The issue of how to tackle financial inclusion has long been a part of the conversation in banking and financial services circles. Regulations have ledto the UK’s biggest banks having to provide ‘basic bank accounts’ to cater for those who do not Read more »

Alex Malyshev SDK.finance

The Biggest Danger to Branchless Banking

With a third of the global population on lockdown and scores of bank branches closed, many are convinced that branch banking is dead, and the future is branchless. Is this really true? Branchless alternatives like Revolut, N26, Monzo, and NuBank Read more »

Dima Feldman and Aviv Castro Altair Semiconductor, a Sony Group Company

Constantly tracking anything, anywhere

The internet of things is changing the shape of many businesses. Not only does the IoT herald in greater visibility of production asset effectiveness, improve operational efficiencies, and facilitate more informed decision making, it is also Read more »

Francesca Campanelli Axyon AI

How Fund Managers Can Use AI to Retain Current Investors and Rebuild Client Confidence

After months of market volatility and challenging conditions, fund managers are starting to see a light at the end of the Covid-19 tunnel. Countries are starting to relax their lockdown measures and restart economies, with stock markets reacting Read more »

N/A ReliaMax

College Dreams? Here’s How to Get Accepted

Higher education in the United States is not just about getting accepted, it is about where you get accepted. Sure, there are options, there are seemingly endless options - from community colleges to Ivy League schools and everything in between. The Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel