Expert Commentary – GCHQ Cybersecurity Boss Sounds Alarm Over Extortion By Hackers

This morning a news story broke on the topic of how ransomware is now representing the biggest threat to online security for most people and businesses in the UK. Lindy Cameron, chief executive of the National Cyber Security Centre, will say in a speech that the phenomenon, where hackers encrypt data and demand payment for it to be restored, is escalating, and becoming increasingly professionalised.

Experts Comments

June 15, 2021
Raghu Nandakumara
Field CTO
Illumio

Why do you think the ransomware threat has become so significant?

 

Ransomware attacks are now a commodity that anyone can request on demand, via “Ransomware-as-a-service” offerings. This means that the technical sophistication required by the original requestor is low – they do not need to craft either the ransomware itself or its method of delivery – as they can almost nominate a target and click go, leaving the Ransomware service provider to do the rest. From the service providers

.....Read More

Why do you think the ransomware threat has become so significant?

 

Ransomware attacks are now a commodity that anyone can request on demand, via “Ransomware-as-a-service” offerings. This means that the technical sophistication required by the original requestor is low – they do not need to craft either the ransomware itself or its method of delivery – as they can almost nominate a target and click go, leaving the Ransomware service provider to do the rest. From the service providers perspective, this is appealing as it’s a far more robust revenue stream. What we have now is a perfect storm – motive, means and opportunity are all nicely aligned to ensure that the ransomware train continues to gather momentum.

 

 Is there anything more organisations need to be doing to protect themselves and their data?

 

Organisations need to adopt an “assume breach” mindset when it comes to planning their security defences. How would they mitigate the spread of an attack to ensure the impact is kept to a minimum? Can they recover fully and efficiently from backups, thus reducing the need to consider paying the ransom? Can they (themselves or through trusted 3rd parties) forensically assess their estate to ensure all traces of the attacker have been removed? Organisations should repeatedly ask the question “what’s the worst that could happen?” and continue to enhance their security capabilities until the answer to this is an acceptable one.

 

Your thoughts on the fact that government offices are addressing the issue of ransomware in the UK

 

Ransomware is a very real threat to businesses of all sizes – we often only hear about the largest attacks in terms of $$$ value or those targeting high profile brands. So it’s a positive move from the UK government (and the G7 and NATO) that they are looking to directly address this. If we want Ransomware to be less of a threat going forward, businesses need the respective governments to wield both a carrot and a stick – they need to provide direct incentives to organisations who show that they are taking their cyber security seriously, and a stick to wield against those who don’t and then leave themselves and their customers open to being exploited.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.