How to Stay Protected Against the Looming Threats of Ransomware
Published: 9 Mar 2022 at 14:00
Cybercrime technology is becoming more and more sophisticated. If your online security system isn’t up to scratch, you could be unknowingly vulnerable to a ransomware attack.
That’s why protecting yourself and your data is an ongoing process. It requires a conscious effort, not only to implement cyber security measures, but also to maintain them.
Such was the message conveyed at the Alliance Française Bangkok on 4 March 2022, at a special meeting on the topic led by UNODC Cybercrime and Cryptocurrency Advisor Alexandru Caciuloiu.
The Devastating Impacts of Ransomware Attacks
Ransomware can cause serious damage to an organisation’s data, operations, finances, infrastructure, and even brand image. With the potential to cause devastation on multiple levels, cyberattackers pose a significant threat to any business.
Once a hacker has access to your private files, they seize control of them. First, they’ll encrypt them, so you can no longer access them. Then, while you’re frantically trying to figure out what steps to take, they may release those files to the public, sell them on the dark web, or simply destroy them. All the while, you may be watching helplessly. Unless you have a backup system in place, paying a ransom could be your only hope of regaining access. Even then, data may never be recovered as promised. Rebuilding your database can be costly, in more ways than one.
Famously, the WannaCry ransomware infected more than 5 million devices in 2017, striking businesses worldwide including FedEx, Honda and Boeing, and locking their files. It even brought down the National Health Service in the UK and telecom providers in Spain. It capitalised on devices that were running outdated versions of Windows, then self-replicated to spread even further. This type of ransomware is still running rampant to this day. In fact, there was a surge of WannaCry attacks just last year.
When a ransomware attack brings an organisation’s entire online operations to a halt, every moment of downtime incurs a financial impact, adding even greater pressure. As time ticks on, the chances of making a full recovery grow slimmer while the financial losses continue to mount up. Those who’ve fallen victim may have to spend time investigating the breach, attempting to negotiate with attackers and deliberating steps to take, before even having a chance to think about recovery. Sometimes, the recovery process can take weeks.
To make matters worse, during that time, cyberattacks often make the news. This means that while desperately trying to recover important data, organisations have to scramble to protect their reputation at the same time. According to a Forbes insight report, almost 50% of organisations that encounter a data breach suffer damage to their brand image.
Then, there’s the hit of the ransom itself. Ransom fees are exorbitant, and you may even find yourself being asked to pay millions for your company’s precious data. Travel giant CWT felt the sting in 2020, when it was forced to pay $4.5 million to cyberattackers who took 30,000 of the company’s computers offline. Once they’d managed to recover their data, they set to work recovering their reputation, as the incident had been widely reported by international news outlets.
These ransom figures aren’t plucked out of thin air. When cyberattackers gain access to a network, they often spend time looking through the victim’s personal data and online bank accounts to determine how much they’re capable of paying. This enables them to tailor the ransom to you, in an attempt to get as much money out of you as possible. If you’re an official who has unknowingly allowed a cyberattack by not following online safety protocols, you may even face compliance fees. This means you suffer from even further financial damage.
Once a business has been infected with ransomware, it’s rarely the end of the story — even if a ransom has been paid and access reinstated. Despite any protective measures that are put in place after the attack, they may still become a likelier target in the future. This is because once cyberattackers have identified and exploited your vulnerabilities, they often share them on the dark web, encouraging an entire network of other cybercriminals to take advantage of those same opportunities. This means that being free of ransomware can be a lengthy, stressful and arduous process.
Organisations can play a vital role in protection against ransomware by thinking like a cybercriminal, identifying vulnerabilities, and putting protective measures in place.
Take Initiatives to Stay One Step Ahead of Ransomware
Don’t let yourself be a target. To protect yourself against ransomware, you’ll have to brush up on your cyber hygiene. That means taking frequent steps to keep your systems up to date and to improve your digital security.
What Governments Can Do
Avoiding these risks is not just the responsibility of the individual user or business. In order to effectively protect against ransomware, governments have to develop digital security policies, provide funding, and educate the public on cybercrime.
Clear frameworks need to be established, both for the public and private sectors. On top of that, entities need to be set up to which users can report cyberattacks and turn for help.
For example, the US government launched an online hub for resources against ransomware in 2021, and the UK government has been investing in cybersecurity strategies since 2011.
What Companies Can Do
Companies need to provide cybersecurity training for all employees, so the burden of protection and prevention isn’t placed solely on an IT department.
They also need to have protocols in place which identify assets and risk factors and lay out steps to take in the event of a ransomware attack, as well as recovery processes to follow. Permissions can be limited, so only authorised personnel are able to download new software or make system changes. This limits the openings available to a potential cybercriminal.
Most importantly, a business of any size needs to have a backup system. Important data needs to be backed up regularly, and in more than one location for optimum security. Networks need to be monitored, and knowledge kept up to date. By staying abreast of the latest developments in cybercrime, you can take action to protect yourself from any nasty surprises.
What Individuals Can Do
As an individual user, it’s important to keep your operating system and all your software up-to-date. This includes antivirus programs, which should be used to scan all software downloads prior to running them. Outdated and compromised software can effectively leave holes for cybercriminals to creep through.
It’s crucial to assess links before clicking and avoid any that are suspicious or unsolicited. This is a common way that hackers deceive users. Finally, use secure passwords, and make sure to change them at regular intervals.
Put yourself in a hacker’s shoes and try to identify all the weak points in your cybersecurity system. If you were on the outside trying to break in, where would you start? Apply that intelligence by using it to develop your own cybersecurity strategies.
Stay Vigilant, Stay Protected
Reducing the risks of ransomware is not just an individual responsibility. It requires a collective response, because when one user’s data becomes compromised, their entire network can be put at risk.
Alexandru Caciuloiu, the Cybercrime and Cryptocurrency Advisor at UNODC, stated, “Digital security can be achieved through constant efforts. It starts when all individuals, including those within governments, organisations, and companies, habitually undertake and maintain basic cyber hygiene practices that will help protect the security of their networks and assets.”
The UNODC Global Programme on Cybercrime provides assistance in prevention, awareness raising, and analysis to fight against cybercrime. Read about the UNODC’s work on cybercrime for more information, tools and resources.
To be RansomAware: UNODC Landing Event: Keynote presentation on cybersecurity best practices. The speaker, Group Captain Jadet Khuhakongkit, Director of Critical Information Infrastructure Management Office, National Cybersecurity Agency Thailand, addressed the need for implementation of security practices, prevention of possible damages from adopting the practices, and the best practices and steps that organizations and government can take to counter ransomware.
RansomAware Landing Event: Panel Discussion with Keynote Speakers. The audience was given opportunities to ask the panelists questions on the topic of ransomware. The Menti program was used to collect questions.
1. Moderator: Mr. Alexandru Caciuloiu, UNODC Cybercrime and Cryptocurrency Advisor (Left)
2. Panelist 1: Ms. Manachanok Jumroonrojana, Superintendent of High-Tech Crime Division, Cybercrime Investigation Bureau, Royal Thai Police (Center)
3. Panelist 2: Group Captain Jadet Khuhakongkit, Director of Critical Information Infrastructure Management Office, National Cybersecurity Agency Thailand (Right)
4. Panelist 3: Mr. Satoshi Shimizu, Regional CISO, Japan BU, Trend Micro (Screen)