The threat of ransomware came into sharp focus over the course of 2016. Cybersecurity trackers have been aware of ransomware for almost a decade. Observed instances had been steadily rising, with 3.2 million reported in 2014 and 3.8 million in 2015. But in 2016, the number of instances skyrocketed to 638 million.
The St. Louis public library system became one of the latest high-profile victims when up to 700 of its computers were affected by hackers demanding $35,000 in “ransom” in order to restore access. The initial plan was to refuse to pay and to wipe the computers clean, but a workaround was discovered to thwart the hackers’ plans. Despite this optimistic outcome, library computers remained offline for weeks, severely disrupting operations and services.
As this example illustrates, no organization is immune from these attacks. In fact, a survey of 500 businesses revealed that 50 percent had dealt with ransomware in the preceding 12 months alone. This is the most urgent cyber threat right now, and it’s likely to get worse.
Cyber threats are on the rise across the board, but few have grown as exponentially as ransomware has. Part of the reason is that it’s relatively easy to deliver ransomware and infect large networks. Conducting these attacks is also low-cost, thanks to a wealth of ready-made options on the underground market, and low-risk in terms of enforcement. However, the biggest reason ransomware is so prevalent is simply that it’s profitable.
Unlike other cyberattacks that create disruption or seize control of assets with abstract value, ransomware pays direct dividends for the perpetrators. The overall amount paid out in just the first three months of 2016 totaled $209 million, a figure that was expected to top $1 billion by year’s end. The low-risk, high-reward nature of ransomware essentially guarantees that these attacks will only continue to grow in frequency and severity.
The threat of ransomware demands a response that’s not only urgent, but also strategic. Some of the unique technical features of ransomware allow it to undermine traditional approaches to cybersecurity. As a result, any security infrastructure that does not specifically address ransomware is vulnerable now and likely to be in peril soon.
Today’s ransomware landscape is such that no one-size-fits-all strategy can sufficiently guard against it. However, the broadest solution available is to rely on cloud- and network-based security and cloud-based storage to back up data and systems.
Cloud- and network-based security pushes threats away from the perimeter of the wide area network, making it much easier to detect, deflect, and destroy ransomware attacks far outside the extended network’s perimeter before they seize control. These security strategies offer a more flexible, agile, adaptive way to update your security protocols. With the features cloud-based security offers, you can edit solutions centrally and gain more visibility into threatening activities.
That’s the first step. Cloud-based storage provides a second layer of protection. While cloud-based security features thwart threats by keeping them outside the borders of your wide area network, if hackers do breach your network’s defenses, using cloud storage neutralizes the negative effects of a ransomware attack. Because you have your whole system backed up, the ploy won’t affect your organization, and you won’t need to worry about paying ransom to criminals.
Cloud-based storage won’t protect your network, but it can be a failsafe, should ransomware take hold of your systems and data. Look at it as cloud-based insurance.
The cloud is the only platform with the agility to respond to evolutions in ransomware. The purpose of these attacks won’t change, but the delivery methods certainly will. Because cloud environments offer scalable and flexible resources, they allow enterprises to reliably keep up with changes in the threat landscape. Particularly sensitive industries like healthcare, retail, and finance can leverage the cloud by partnering with security providers who offer cutting-edge portfolios of security services.
However, simply adopting cloud-based security and storage is not an adequate response to the threat of ransomware. Your IT team will need to take full advantage of the unique features of the cloud to insulate your organizations’ networks in a meaningful way. And you’ll need to bolster those efforts with an internal campaign to educate all users on the roles they play in helping to keep the network secure.
Here are three ways to implement a multilayered, cloud-based, failsafe approach to your organization’s network security.
1. Leverage advanced security features in the cloud.
Security protections layered over the cloud exceed the capabilities of almost every private enterprise’s infrastructure. They combine sophisticated access controls and advanced encryption technology with expansive capabilities for testing security and vulnerability. Many of these security features also provide necessary levels of protection against distributed denial of service attacks, amplifying their overall utility.
2. Rely on robust disaster-recovery capabilities.
The cloud will always have more reliability and resiliency built in than the average data center. Thanks to expansive storage capabilities and streamlined failover processes, the cloud is becoming the preferred platform for backup recovery. An approach that relies on multiple clouds provides expansive levels of protection without creating huge new costs or unmanageable complexity.
3. Execute expansive user education and training.
Ransomware protection is not complete without addressing the human element. Even cloud-based security is vulnerable unless users understand the threat of ransomware and the risks their personal actions can create. To create a healthy sense of urgency, point out that the cost of cybercrime is expected to reach $2.1 trillion by 2019. Complement that knowledge with education and training to familiarize all users with best practices and updated security guidelines for individuals.
If — or, more likely, when — your systems are hit with ransomware, you will have to select the lesser of two evils: pay the ransom or operate without essential data and IT.
Rather than being forced to make an impossible choice, adopt a preventive strategy as soon as possible. Fortunately, cloud-based security and storage can protect your network from the evolving threats of today and tomorrow.
By Karin Ratchinsky