Imagine that while working, you get a message on your screen saying that you have been locked out of your company’s system, and the only way to gain access to it and retain company data is to pay a hefty ransom to the hackers. This sounds like something out of an action movie, but in reality happens to companies more often that we believe.
Some notable cyberattacks that have used ransomware as their attack vector include those against the Colonial Pipeline and the world’s largest meat packer, JBS. These cyberattacks caused the shutdown of critical infrastructure, which inevitably created shortages, increased cost of goods and services, as well as caused financial loss due to shutdown of operations and paying of ransoms.
Digital risk protection (DRP) is one way businesses can protect themselves, which will holistically monitor data sources and identify threats against a business' digital footprint using technology, tools and expertise by monitoring data sources for threats to the business’ digital footprint.
Digitalisation is critical for an organisation’s success as it drives innovation, opportunity and competitiveness, but at the same time widens the attack surface for cyber criminals. With DRP, businesses can understand their digital risks, and better identify and anticipate threats targeting their digital assets. Through early detection and prevention of potential attacks, businesses can reduce financial and reputational losses.
Vulnerability risk management (VRM) is another important protective element, as it offers a strategic, risk-driven approach to threat management. VRM identifies and remediates threats in a business’ system through a combination of around-the-clock automated scanning with persistent penetration testing and manual penetration testing by experts. Through this process, a business’ real level of risk can be identified and resources allocated accordingly to keep ahead of evolving cyberattacks.
Businesses can manage their vulnerabilities through prioritisation and evolution. VRM also ensures that appropriate measures have been taken and detected vulnerabilities have been solved. Through advanced scanning, analysis and testing by a local and expert team, VRM is able to lower operational and reputational losses for businesses while driving efficiency and cost effectiveness.
According to the Identity Theft Resource Center (ITRC), the number of data breaches publicly reported in 2021 exceeded the total for 2020. Subsequently, a FinCEN Report said the average amount of reported ransomware transactions per month in 2021 was US$102.3 million. Cybersecurity firm Cybersecurity Ventures predicts that there will be a new attack every two seconds as ransomware perpetrators progressively refine their malware payloads and related extortion activities.
Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. There is also a demand ransom in exchange for decryption, with threats to sell or leak exfiltrated data or authentication information if the ransom is not paid.
As technology becomes increasingly sophisticated, so does the depth and complexity of ransomware. With that in mind, businesses need to stay vigilant and be prepared for cyberattacks, as lack of preparedness would affect business continuity.
At the height of a cyberattack, it is normal to believe that the ransom payment will see a business go back to normalcy, but in reality, the payment will not guarantee a business' digital assets security and integrity. Data losses may not be replaced, which can turn out to be more damaging or costly than the ransom being demanded.
On top of that, businesses may face fines by authorities under the Personal Data Protection Act 2012 for negligence and for not keeping customer information safe, despite having paid the ransom to ensure data is not sold on the black market.
A business’ trust and credibility may also suffer in the process. With a precedence of a cyberattack, clients and customers may opt for services from other businesses that have taken the necessary steps to secure their digital assets. It can be the determining factor for a company’s success, as it can cause devastating financial losses.
On top of that, if a business has been attacked once, the likelihood of it being attacked again is higher. Other ransomware groups may see the business as an easy target, making it susceptible to repeated cyberattacks.
Looking ahead to 2022, supply chain attacks are of high concern as cybercriminals seek to capitalise on people’s reliance on it. Password strengths and multi-factor authentication practices will be another trend seen this year, considering the massive increase of online accounts created over the last two years.
The use of blockchain for business management has increased, but it can be used as a hideout for cybercriminals as well. Businesses should be wary of the possibility of hackers using blockchain in the form of non-fungible tokens (NFT) to stay under the radar and take the attention from their activities.
Nevertheless, attackers are focusing on extending to cloud environments. Some businesses recognise that not all data should reside on premises or in clouds, hence businesses will shift towards a hybrid cloud approach to allow better management and protection of data.
It is no argument that in this day and age, DRP and VRM make business sense. While digitalisation is a critical element in a business to drive innovation, opportunity and competitiveness, it also greatly widens the attack surface for cyber criminals, which constitutes any point of entry an attacker has into a system, whether physical or digital. Once there is a system breach, an attacker can cause an adverse effect to machinery or systems within a business, or extract data from a business’ database.
However, most businesses do not have the means or expertise to fix the damage themselves, deluding themselves to believe that it would be easier to pay the ransom to have everything reinstalled.
Cybersecurity experts are costly and scarce too, which means that businesses have no commercial justification to set up in-house expert teams to protect against the fast-changing cybercrime environment. Instead of setting up an internal cybersecurity department and infrastructure, businesses have the option to work with experts who would be able to set it up for them.
Celcom has partnered with Telefónica Tech — world-renowned as a cybersecurity expert — to provide the right solutions to protect businesses from cyber threats. It has integrated Telefónica Tech’s three core digital services for major corporations — cloud services, cybersecurity and Internet of Things, or big data.
For more information on how to get serious about cybersecurity for your business, call Celcom at (019) 601 1111, or visit https://business.celcom.com.my/cyber-security/cyber-threat.