EDITOR’S QUESTION
WHAT CAN WE
DO ABOUT THE
EXPECTED INCREASE
IN RANSOMWARE
AND CYBER-
EXTORTION TOOLS?
//////////////////////////////////////////////////////////////////////////////////////////////////////////
L
ast year saw cyberattacks such as
WannaCry and Netya illustrate how
adversaries are becoming more
creative in how they architect their attacks. penetrate organisations in multiple ways,
reducing the risk of ransomware infections
requires a portfolio-based approach, rather
than a single product.
The world of cybersecurity has witnessed
changes frequently with security experts
trying to gain know-how about what is
happening and how they can mitigate it. “Often, victims of ransomware choose
to pay the ransom, because they have
no other means by which to restore their
systems and data. Don’t pay the ransom.
Create strong plans for system and data
recovery as soon as possible, including
backing up all systems daily.”
Scott Manson, Cybersecurity Lead, Middle
East and Africa, Cisco, said: “The universal
fact is that we have to accept that we can’t
protect everything, but we can find a way to
control what matters the most.
“Unfortunately, ransomware attacks will
almost certainly become more pervasive and
varied during 2018. Some attacks will adhere
to the brute-force model of infect, lock and
extort, while others will be more sophisticated.
“Evolutions in ransomware, such as the
growth of Ransomware-as-a-Service, will
make it easier for criminals, regardless of skill
set, to carry out these attacks. It turns out
that ransomware generated a lot of cash for
criminals, an estimated $1 billion in 2016.
“In the future, ransomware will not merely
target individual users, but also target
entire networks. Given that ransomware can
28
INTELLIGENTCIO
It’s only a matter of time before every house
and company is connected through the
Internet of Things (IoT) and this only adds
to the potential for cyber-attacks.
“We predict that as many as one million
new connections per hour will be added to
the Internet by 2020 expanding the attack
surface and making IoT vulnerabilities more
critical and more dangerous,” said Manson.
“IoT will move from being seen as a massive
security risk in the enterprise, to a critical part
of an enterprise’s security posture.
“To meet the security challenges of IoT
– an attack surface that is both growing
rapidly and becoming increasingly difficult
to monitor and manage – a proactive and
dynamic approach to security, and a layered
defence strategy, are the keys to protecting
IoT devices from infection and attack or, at
least, mitigating the impact when some are
inevitably compromised by adversaries.”
The security landscape is expected to see
an increase in automation in terms of
cybersecurity responses.
“Humans are incapable of keeping up with
the sheer volume of incoming threats,
but their ability to make quick and highly-
impactful decisions to manually address such
an attack is equally inefficient,” said Manson.
“As our industry faces a talent crisis,
automation, machine learning and AI will
be critical in ensuring protection, becoming
a powerful and effective component of
cybersecurity incident response. Attaining
full visibility into networks is key to stopping
hackers, or machines, in their tracks
and machine learning can help here by
understanding the behaviour of devices,
including IoT devices, on the network and
identifying ‘soft spots’ that are just waiting
to be breached.
“In 2018 machine learning and artificial
intelligence will undoubtedly be integral to
the future of the cybersecurity landscape.”
www.intelligentcio.com