Furthermore, it is now evolving and moving into business-critical systems that encrypt file servers or databases, doing greater damage and the amount of money being demanded in ransom requests is getting bigger too.
Why is ransomware growing?
Hackers like ransomware. It is simple to create and use, it can be highly lucrative and doesn’t need much in terms of skills or expertise to carry out. Return on investment is high for malicious attackers and they know that their targets’ desperation usually means their attacks have a good chance of succeeding.
That desperation is a big reason why ransomware attacks are increasing in India. We have become the world’s most targeted country for ransomware according to Sophos, and a massive 67 percent of Indian organizations confessed to being victims of ransomware in 2017, with 38 percent of companies saying they were hit twice.
The reason ransomware attackers have had so much success seems to be because Indian companies have just not prepared adequately: not enough organizations have put the necessary measures in place to protect themselves. So they have endured financial losses, with the median cost of a ransomware attack amounting to US$1.17 million.
Hitting the user experience
Over time ransomware attackers have learned that the digital user experience (UX) is key to a successful attack. UX has become a big part of corporate operations, as employees leverage the benefits of the digital workspace and expect a workplace experience comparable to that of their personal lives.
So ransomware attackers have made it as ‘easy’ as possible for employees to help their attacks be successful. The end-user clicks on the malicious link or attachment, a pop-up appears telling them they are infected, the attacker makes it simple to pay the ransom, with instructions about how to use Tor secure browser or Bitcoin to get rid of the virus. It is a tried and proven methodology.
Bigger attacks also abound
In early 2018 it was reported that India’s smart grids were vulnerable to Wannacry, one of the most infamous ransomware attacks yet seen. After the Wannacry attacks of 2017, India’s Central Electricity Authority (CEA) advised that there was an “urgent” need to build a robust cybersecurity network to protect against attacks of that type.
Smart grids help supply more efficient power, but they are also by their nature more susceptible to cyber-attacks. A worm can infect one of India’s smart grids and permanently disable millions of smart meters for example. And as we continue developing smart cities and smart grid technologies, cyber threats like ransomware will pose an increasingly big challenge to India’s utilities providers.
What can we do about it?
Indian companies can defend themselves against the impact of ransomware, but it is important to put best practices in place and then make sure everyone in the company uses them.
Start by making sure you have protection against already-known ransomware vulnerabilities. Make sure patching is up to date, and work with a third-party expert who can help with scanning and patching against potential vulnerabilities. Orange recognized this need some time ago, which is one of the reasons why we built and developed our Cyber Security Operations Center (CyberSOC) in Gurgaon, India, to detect cyber-attacks and fraud attempts to fight against cybercrime in general.
Antispam technology plus phishing and web control tools can help you protect against phishing and watering hole – websites your employees regularly use - attacks. Similarly, employees need ongoing training to be proactive against attacks themselves.
You can protect against malvertisements and downloaders by ensuring you have adequate endpoint protection in place, protection that extends beyond basic endpoint security. Next generation firewalls (NGFWs) can also be a powerful ally, and you should increase the level of your network security controls to let in only known, approved traffi¬c. The pre-eminence of cloud in enabling businesses now demands that NGFWs are integrated into cloud strategies, since they provide protection at application level: with organizations often employing a mix of public, private and hybrid clouds, plus legacy data centers, having a NGFW in the cloud that monitors your entire activity is now vital.
Think smart, think proactive
Ultimately, Indian companies can protect against ransomware by not only having the latest technologies and tools in place, but also the right thinking: concentrate on having a robust, continuously-improving security strategy, keep your staff trained about potential threats and best practices, and always keep the fundamentals in mind. With the right approach, we can all contribute to mitigating the threat of ransomware to India’s companies and critical network infrastructure.
