by Simon Edwards
It’s hard to avoid stories warning of the growing ransomware epidemic these days. Yet some IT security leaders are still being caught off-guard. It emerged last week, for example, that an astonishing 30% of councils in England had been hit by a ransomware attack last year. And one suffered an incredible 13 attacks in just 12 months. There’s clearly a need for industry leaders both to raise awareness of the issue and promote a strategy to mitigate the worst effects of this near-ubiquitous threat.
That’s why Trend Micro will be promoting its layered protection message at the Cyber Security Summit in London tomorrow, Wednesday 22nd June 2016. While it can lead to serious repercussions, ransomware can be stopped if organisations follow some basic security best practices and a policy of defence-in-depth.
A bad start to 2016
Ransomware has snowballed in popularity over the past 12-24 months, mainly because cybercriminals have realised it’s a relatively cheap and easy way of making money. Why bother investing time and money in more complex scams if you can force organisations into paying up by simply encrypting their most important data, so it is effectively unusable? It’s a strategy that has reaped huge financial rewards. The FBI reckons ransomware netted the black hats $209 million in the first three months of 2016 alone.
Once infected, many organisations feel they have little choice but to pay up – although there are decryption tools available for some variants, from Trend Micro and other providers. With mission critical data made unavailable, staff productivity grinds to a halt and essential services are disrupted. There’s not only the financial hit of the ‘fee’ for the decryption key to consider, but the money lost in downtime, damaged reputation and even potential legal costs down the line.
The best way to hit back against ransomware is to take preventative steps to avoid ever getting infected. The key to this is a layered approach to security which stops the malware at every possible infection point. This is important as cybercriminals increasingly look beyond targeting users via web and email channels to other parts of the IT infrastructure including the network and servers. We’re also starting to see ransomware bundled with other capabilities – for example, CryptXXX was updated to include data stealing functionality.
Trend Micro recommends IT security managers look at installing security at these layers:
Web and email gateway: Lock down 99% of ransomware threats with protection at this layer to prevent your employees ever being exposed to malicious attachments, URLs etc…
Endpoint: Combine the above with endpoint security with vulnerability shielding, behavioural monitoring, app whitelisting and more
Network: Visibility is key to protecting against ransomware, and could even help stop a broader attack where ransomware is only one element. Ensure you can scan across all network traffic, ports and protocols, and implement advanced sandbox analysis
Server: Virtual patching at this layer will shield server from exploits of software flaws that could be used to inject ransomware
Trend Micro Global CTO Raimund Genes will be on hand at the Cyber Security Summit in London on Wednesday to share these and more tips on how to stay safe from one of 2016’s biggest security threats.
He’ll also explain how basics steps like network segmentation, regular data back-ups, user education, effective patch management and more can help to lock risk down even further. There’ll be other Trend Micro experts at the show on hand to discuss how we can help insulate your organisation from attack by offering industry-leading solutions at every layer of the security stack.
So come down to the show and look out for our stand.
Where: Cyber Security Summit, ETC Venues, 43/44 Crutched Friars, London
When: 22/06/2016; Raimund’s speaking slot at 11.40-12.20