Prevent, detect, recover and above all else prepare.
- Ransomware holding data hostage
- Threats to release sensitive information
- Disruptive denial-of-service attacks
All are extortion schemes used by cyber criminals to separate you from your money. Extortion schemes are not new, but cyber criminals are constantly looking for new ways to use our technology against us.
Ransomware attacks, which encrypt your files and demand money for the decryption keys, have dramatically increased in 2016, and the criminals are starting to demand ransoms commensurate with the data encrypted instead of “flat fees”. Based on recent reports, cyber criminals could rake in over $1 billion from ransomware attacks in 2016. The methods used to deliver the ransomware are becoming increasingly clever: varying the code embedded in email attachments, redirecting unsuspecting users to malicious web sites and using compromised systems to launch new attacks within an organization.
“Spam style” email campaigns targeting anyone with an email address are giving way to targeted campaigns focused on specific industry verticals. Higher education institutions are still being regularly attacked, but the cyber criminals have learned that healthcare organizations, financial institutions, hotels and casinos, and law firms have much juicier data to compromise and far deeper pockets to pay ransoms.
Protecting you and your organization from cyber extortion threats is challenging – the thieves are constantly adjusting their attacks, incorporating new technology and taking advantage of people’s trust. So how do you protect yourself? No product, suite of products or technology solution will fully protect your organization from the attacks. You need a balanced approach focused on people, process and technology to address the threat – it takes preparation to train personnel, prevent as many attacks as possible, detect the attacks that slip through the protection and make sure you can recover when an attack succeeds.
First, understand your environment – what and where your sensitive data is and how it is protected. Perform assessments so you understand what capabilities and weaknesses you have in the environment, not just the technology but your processes and training as well. Do you have the technology, processes and training in place to detect and recover from a successful attack?
Second, design security into your environment. New solutions need to integrate into your security architecture to provide the best protection possible. Ensure backup and recovery solutions support your new solutions before you implement them. Assume your technology solutions will fail or get bypassed: Can you detect an attack that bypasses your protective measures? Can you recover your data?
Third, address key security areas, starting with governance and policies, and then address security operations, monitoring and recovery. Balance the risks in your environment with risk mitigation strategies designed around your business, culture and risk tolerance. Prevent what you can, detect what you cannot and prepare for the worst.
Finally, focus on a long-term, sustainable security program. Your people need to sleep at some point, but the criminals never seem to rest. Build a program to regularly assess the environment, identify threats, integrate improvements and train personnel.