Email Security

    The New Normal of Ransomware

    Rising ransomware attacks due to shifting working patterns are the new normal, requiring a balance of security and business efficiency.

    by Renatta Siewert

    Key Points

    • There is no such thing as 100% protection against ransomware attacks.  Organizations must balance ease of doing business with security considerations under the new normal of increasing ransomware attacks.
    • Effective solutions depend on understanding the “new normal” of ransomware and cyber security that is continually evolving due to technological advancement and changes in human behavior.
    • New modes of work are creating additional headaches around cyber security. Ransomware cyberattacks and data fraud due to a sustained shift in working patterns is a big worry for business leaders.

    Cybersecurity is more complex than ever. Ransomware attacks are more frequent and varied due to the low barrier of entry with at the same time greater sophistication of attack.

    But even as cybersecurity technologies grow in sophistication, there is no such thing as 100% protection against ransomware and other cyberattacks. Moreover, even if there were such a thing as 100% protection, some security measures can impose undue constraints on business operations. In some cases, overbuilding cybersecurity could end up costing more in the long run than the probability of certain kinds of attack.

    That’s one of the key findings in a new Economist Impact report sponsored by Mimecast, Signals and Noise: The New Normal in Cybersecurity: “When it comes to reconciling the need for agile business operations with compliance and prudent cyber-security practices — ranging from zero-trust policies to securely adopting cloud computing and AI — organizations face stark choices. Board members and executives need to candidly assess their organizations’ cybersecurity risk in order to develop effective solutions.”

    Effective solutions depend on understanding the “new normal” of ransomware and cybersecurity. And that “normal” is continually evolving into something newer all the time due to a combination of technological advancement and changes in human behavior.

    Case in point: The pandemic resulted in work from home arrangements. While originally a temporary safety measure,  it is now here to stay in either total remote or hybrid formats. The problem is that the new normal of working from home raises new security threats, with the continual transition from home to office in hybrid working arrangements perhaps even more so.

    According to the Economist Impact study, “New modes of work are creating additional headaches around cybersecurity. The World Economic Forum (WEF) found that, globally, cyberattacks and data fraud due to a sustained shift in working patterns is the third-biggest worry for business leaders, trailing only fear of a prolonged recession and a surge in bankruptcies.”

    At the same time, the threat environment has shifted, with criminal and nation-state attacks proliferating to exploit the new normal of remote working.  “From a threat perspective, the world is seeing an amplification of malicious actors taking advantage of the rampant pace of technology adoption,” notes Michelle Price, CEO at AustCyber, an independent, not- for-profit government-funded Australian cybersecurity growth network. Adds Ciaran Martin, professor of practice in the management of public organizations at the University of Oxford, “Ransomware isn’t proliferating because of weaker cybersecurity but has exploded because of a growing realization amongst criminals about just how profitable and easy it is.”

    Technology has helped arm more criminals. But that technology still targets the most vulnerable factor that must underpin the formulation of any cybersecurity strategy: people. Because how ransomware attacks get into your networks is more often than through the exploit of human inattention, which can be intensified in remote working situations.

    As Jenny Radcliffe, founder and director of consulting firm Human Factor Security, notes in the report, “It doesn’t have anything to do with how sophisticated something is because it’s always about human vulnerability.”

    Phishing the Human Factor

    Every device connected to any network is susceptible to attack. Remote working increases that susceptibility, making it critical to thoroughly educate everyone connected to the network to avoid unnecessary risk. This includes connecting to unsecured networks and over-sharing personal information. 

    One of the biggest threats is phishing: Research suggests that over 20% of phishing emails are successful, and that conditions under the COVID-19 crisis further improves the changes of success. That’s because, as Radcliffe points out, “When people are subject to huge imposed change, there are major psychological implications. The main reason people give for doing things like clicking on phishing emails or bad links, or opening attachments, or when they fall for scams and cons of any kind — the main reason they give is distraction. From a work-at-home environment, many people find it a lot more distracting, and that makes them more vulnerable to an attack. Attackers know that.”

    New Normal Mitigation

    The uptick in ransomware coupled with work at home as the new normal requires robust cyber resilience strategies that increase awareness of phishing and other potential risks that limit potential risk of attack. But as Martin points out, “Total protection for an organization in the day and age, so working out what you need to protect most is absolutely the right way.”

    How your organization needs to protect it is a combination of effective technology coupled with cybersecurity awareness training to all workers and stakeholders tailored to their working situations, as well as industry-related issues (e.g., vital importance to protection of personal information in the healthcare industry).

    Related to cybersecurity awareness is the implementation of best practice processes. One example is the zero-trust model. There are two concepts here. The first is that no user, device, or activity is recognized by a network unless it is verified. The second is that IT and security staff work under the assumption that a breach has already taken place, and act accordingly when implementing any policy or fix.

    But here is where high alert security can conflict with the needs of the business. Zero trust does not, for example, fit well with Internet of Things (IoT). Say you are a manufacturer with an assembly line full of interconnected robots. You can’t constantly verify and authenticate the data streams they create, at least if you don’t want to slow down production. So there has to be a balance between optimum cybersecurity and how the business needs to operate. The best compromise, as Leo Simonovich, Siemens Engineering VP and global head of industrial cyber and digital security points out in the Economist Impact report, zero-trust is probably best applied to functions where the business maintains confidential data, but in the interests of efficiency isn’t strictly applied to the factory floor where data needs to flow unimpeded to achieve production efficiencies.

    The Bottom Line

    The report emphasizes that in the new normal world of ransomware, technology is still an essential part of any mitigation effort. To find out more read the full report.

    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top