Corner OfficeCXO Bytes

Protecting against customisable Ransomware


All sorts of Cybercrimes have grown tremendously in recent years. SonicWall’s Cyber Threat Report published in early 2022, details a sustained meteoric rise in ransomware with 623.3 million attacks globally with an exponential rise in all monitored threats, cyberattacks and malicious digital assaults including: ransomware, encrypted threats, IoT malware and cryptojacking.


Customised ransomware

Ransomware has exponentially evolved at an alarming rate, particularly in the past five years, not only in volume but in its attack vectors. In 2021 alone, there was a record 65% increase in ‘never-seen-before’ malware strains, proving how the Chaos ransomware strain evolution is one small fish in a much larger sea. Yet, what really sets this strain apart is its function as a ‘customisable ransomware builder’. This means it is on public sale, so any malicious actor can get their hands on it and later use it as the basis  to develop their own insidious ransomware strains. Cybercriminals are unfortunately ahead of game and are at no shortage of revolutionary tech skills within their organisations, with such agility that can only mean it will evolve faster and stronger each time a new strain is deployed. Seeing ransomware attacks proliferate a staggering 105% last year, alongside the development of new strains, what does this ever-evolving cyber landscape mean for the enterprise?


Race to fight attacks

In the midst of cyber arms race, organisations are fighting to defend against increasingly sophisticated cybercriminals. Cybersecurity experts are working tirelessly to stay one step ahead. As the bad guys leverage better tech, so can security decision-makers in charge of enterprise safety. A vital step in prevention is, of course, the firewall: next-generation models can detect and prevent threat actors  from both entering and exiting networks. The more advanced solutions will be able to keep pace with the onslaught of attacks by inspecting the traffic in real-time and identify any threatening activity or breaches.


Even though threat actors ramp up attacks, the sophistication of the cybersecurity industry in identifying and blocking new ransomware strains can mitigate these attacks. Partnerships  between public and private sectors go a long way to detect threats quicker and help develop a clear understanding of how critical emerging threats are and steps that can be taken to get ahead. As the cyber arms race will likely never slow, neither must the cybersecurity sector’s efforts to become faster, stronger and more collaborative in the endeavour to protect organisations in the private and public sectors alike.


Taking on Responsibility

Most would not like to admit it, but vulnerabilities are inevitable. Although ransomware attacks tend to be out of the control of businesses, the responsibility to alleviate unnecessary pains still initially falls on the vendor, whose responsibility it is to be completely transparent with its customers. As soon as any vulnerability in its software is known, speed and effectiveness in sharing relevant information and patches with customers and stakeholders is crucial.


The ability to overcome such instances rests in solid communication and remediation processes. Once all customers have been notified of a given  vulnerabilities, there must be a rapid and critical response roadmap, including a responsibility shift. As soon as the vulnerability is in the public domain, however, it becomes a ticking time bomb. Here the vendor’s responsibility becomes double-edged: they must be transparent so their customers can apply the fix, but as threat actors scour the internet for this type of information in the hopes of exploiting the announced vulnerability before organisations have had time to apply the patch. Customers must be speedy and proactive in applying the patch to prevent cybercriminals slipping through the net in those few key hours.


However, only those who help themselves can take full advantage of security vendors’ protective measures and prevent the proliferation of cyber-risks. Therefore, the shift of duty from vendor to customer is part of a wider, pivotal lifecycle which is becoming increasingly important in the battle against cybercrime.


Staying ahead of the threats

Unfortunately, we have not yet seen the peak of the cyber arms race. Evolving ransomware attacks and increasingly sophisticated defensive technology serve an essential lesson about the importance of both transparency and proactivity in vulnerabilities occurring.


Some practices to be considered:

Understand the risk : CTOs and CIOs  must understand the risks that their organizations face from attacks of ransomware, traditional malware and other threats and address them as a high priority while avoiding making silly mistakes


Conducting Audits of processes and policies : A complete audit of the organisation’s current security infrastructure, including security awareness training programs, the security solutions they have in place, and the processes they have implemented to remediate security breach is a must.


Multi-layered security approach : It is important to note that security solutions need advanced threat protection features because security is no longer simply about just spam and phishing campaigns. What organisations need today is the implementation of next-generation firewalls and anti-virus software solutions.


Holistic approach to security : Security should be viewed as a holistic exercise, from the

cloud services that are employed to detect and remediate threats all the way down to every endpoint solution.

(The author is Mr. Debasish Mukherjee: Vice President, Regional Sales APJ at SonicWall Inc. and the views expressed in this article are his own)

Leave a Response