How Ransomware Threatens Unsecured Systems

Cyber criminals typically use ransomware to lock systems and encrypt files, effectively denying access to data until payment is remitted. Unsurprisingly, ransomware payments for 2016 were estimated to hit a billion dollars, with some businesses paying considerable sums to unlock their data. Cyber criminals continue to set their sights on a wide range of targets, including CCTV cameras, schools, hotels and even hospitals.

Instances of ransomware are only expected to increase in 2017, as more and more vulnerable systems and “things” connect to the Internet. According to Beazley, organizations appear to be particularly vulnerable to attacks during IT system freezes, at the end of financial quarters and during busy shopping periods. Evolving ransomware variants, says the insurer, permits hackers to methodically investigate a company’s system, selectively lock the most critical files and demand higher ransoms to seize the more valuable (unencrypted) files.

Perhaps most importantly, unprotected endpoints allow attackers to remotely access everyday physical features that are critical to maintaining routine business operations. To make matters worse, lax law enforcement in certain countries and jurisdiction limitations complicates efforts to apprehend and successfully prosecute the perpetrators. Left with little or no choice, businesses often opt to pay the ransom, which in turn, fuels an already burgeoning “ransom industry” and encourages additional criminal activity.

Although it is difficult to prevent, the frequency of successful malware attacks can be reduced by understanding that any endpoint, which may have originally been designed to work offline, is exposed to attack once it is connected to the Internet. Unfortunately, there is a common misconception that only critical infrastructure and big businesses are prone to remote attacks. Nevertheless, with connectivity and automation becoming ever more common, implementing effective security solutions should be a top priority for mid-size and small businesses.

Put succinctly, security is a critical element of any Internet connected system, even if it does not involve critical functions. To increase mass adoption, security solutions should be simple, affordable and easy to use. As more business adopt common security practices and solutions, the success rate of ransom attackers will decline, which will eventually discourage cyber criminals from participating in an unprofitable and obviously risky business.

In conclusion, simple and affordable solutions require a comprehensive solution that implements security at the transistor level (as per DHS recommendations), while protecting vulnerable endpoints and services. Solutions should also be capable of pre-provisioning keys as an out of the box security feature, thereby allowing OEMs and service providers to bolster security for a wide range of connected “things.”