Cloud Companies The Next Big Target For Ransomware
The latest Massachusetts Institute of Technology (MIT) Review has predicted that ransomware targeting cloud services will be one of the biggest cyber-crime threats of this year.
What Is Ransomware?
Ransomware is a form of malware that typically encrypts important files on the victim’s computer. The victim is then given a ransom demand, the payment of which should mean that the encrypted files can be released. In reality, some types of ransomware delete many important files anyway, and paying the ransom does not guarantee that any files will be released.
Huge Data Sources
One of the main reasons why the MIT puts the ransomware aimed at cloud services in the top 6 cyber threats for 2018 is because attacking a single cloud services company can give criminals access to huge amounts of data being stored and handled for multiple companies and organisations.
The MIT predictions, however, point to smaller, more vulnerable cloud providers who are more likely to pay as being a more likely target than the apparently well-protected larger CSPs such as Google, Amazon, and IBM.
Other Big Threats For 2018
Other MIT predictions for more common cyber-crime in 2018 include the targeting of electrical grids, transportation systems and other types of national critical infrastructure, cyber-physical attacks to cause disruption and extort money, and the targeting of old systems in transport modes (planes, trains and ships).
Also, another prediction for increased activity is the hijacking of more computing to mine crypto-currencies, and the resulting (potentially devastating) collateral damage if computing resources at hospitals, airports and other similar locations are targeted.
Evolution of Crime and Protection
The last 3 years have seen a rapid evolution of the threat of things like ransomware. 2016 was a huge year for ransomware attacks globally. For example, Kaspersky Labs estimated that in the 3rd quarter of 2016 a ransomware infection occurred every 30 seconds. Intel Security also reported that infections rose by more than a quarter in the first 3 months of the year.
The massive WannaCry ransomware attack of spring 2017 infected the computers of an estimated 300,000 victims in 150 countries worldwide, many of them large, well-known businesses and organisations (including 16 health service organisations in the UK), and has been a massive Internet and data security wake-up call.
Last year also saw AI used by both attackers and defenders, and MIT predicts that 2018 will see greater machine learning models, neural networks and other AI technologies used on a more regular basis by cyber attackers.
What Does This Mean For Your Business?
Cyber attackers are becoming ever-more sophisticated in their attack methods, using the latest technologies, multi-layered attacks, and the use of social engineering. Ransomware is a popular tool because it is often relatively cheap to create and use, it can spread easily (like WannaCry), the attackers can remain anonymous, and it yields the main motivation for many attacks - financial gain. It stands to reason that CSPs would make an ideal target because of the huge amount of data from many companies that is stored with them.
For individual UK businesses and other organisations, it’s a case of always being on the lookout for suspicious emails and updates, keeping security software up to date and regularly backing up critical data. With GDPR due to come into force in May, there is an even greater motivation to pay attention to data and Internet security, and there is a danger and false economy of staying with old operating systems as long as possible.
In order to provide maximum protection against prevalent and varied threats this coming year, businesses should adopt multi-layered security solutions. Businesses should accept that there is a real likelihood that they will be targeted and therefore prepare for this by implementing the most up to date security solutions, virtual patching and education of employees in order to mitigate risks from as many angles ('vectors') as possible.
Having workable and well-communicated Disaster Recovery and Business Continuity Plans in place is now also an important requirement.