The recent events and associated news coverage of the cyber-attack outbreak highlighted the damage, not only to IT systems and services but also the damage to trust, that can be inflicted on organisations.
The ransomware threat is neither new nor novel. It is a type of malicious software that infiltrates an endpoint with the purpose of encrypting all the files on it, and then demanding a ransom payment to release them back to the rightful owner. The threat traces back to 1989, when it first emerged on floppy disks sent to unsuspecting computer owners. It has gained disproportionate momentum since 2014, along with the rise of cryptocurrencies used across the globe, which enable cybercriminals to anonymously demand payment from anyone.
Ransomware was the most prevalent online threat in 2016, peaking at over 40,000 attacks per day. IBM X-Force researchers tracking spam trends noted that the rise in ransomware spam in 2016 reached an exorbitant 6,000 percent, going from 0.6 percent of spam emails in 2015 to an average of 40 percent of email spam in 2016. The situation is only worsening in 2017. The latest outbreak in May was unprecedented in scale, however this type of attack has been affecting organisations for a number of years and is likely to only get more pervasive.
The shift towards financial gain has meant hacking has become a multi-million pound industry that is run like a multi-national organisation. For a relatively small outlay a hacker can expect a conservative return that is ten times the outlay. This can only mean that the attacks will become much more frequent, sophisticated and targeted. As the risk and impact of a security breach is becoming more serious the legal and regulatory landscape will continue to become more stringent as demonstrated by the upcoming General Data Protection Regulation (GDPR). Therefore all businesses regardless of size need to take Information Security seriously. Information Security is no longer an IT issue but now it is a business issue, where fines and reputational damage of a security breach could significantly damage a business.
We are constantly looking to evolve our offering based on the real threats faced by our customers and recognise the importance of maintaining a healthy and secure IT ecosystem. As such we provide our customers with assurances in relation to the services we offer. In response to the well reported ransomware attacks, we took proactive steps to ensure all our customers were aware of the issues and the steps to take to minimise the risk. We worked with them to protect their IT systems and their data; this included steps our customers could take to inform their user base of the threats of social engineering attacks, such as phishing and the steps they can take to protect themselves and their business.
As a member of CESG (the UK government’s National Technical Authority for Information Assurance), we receive updates on a daily basis as well as doing our own research of trends from other internet sources such as NCSC (National Cyber Security Centre) and CSO to name a few. These are all valuable sources of intelligence against the many and varied forms of attack vectors helping us to focus in the right areas to catch security threats before they reach our customers.