Ransomware rising to be the top threat, it is what the business across the globe is agreed to. It is nothing new, but at this point of time, every vendor still tries to offer a silo approach based on what they offer, whether it is a security vendor or backup or recovery vendor.
Either been high value case or mass exploit based on the popular operating system or application, once encrypted the valuable data, and if you do not have the timely data backup somewhere else, or willing to cut the data lost, then you got to make payment for the ransom since your data been hijack and encrypted, until you make payment for it.
As such, you do not surprise lot of terrorist is also move toward make use and craft of the ransomware attack, since it will always for sure will get victim for no has the timely backup of the data and willing to exchange make payment to unlock and decrypt the data for it.
It is not about viruses, not malware alone, it is crafted and more sophisticated that targets zero-day vulnerability exploits. Zero day exploit is the vulnerability that is discovered at the time, unless a new patch is developed to fix it, else it will be exploitable. This is why even if you have the best in the world antivirus protection you will still be infected, and data will be immediately mass encrypted and the plot for you to make a decision is obvious, are you making payment or it or not? We believe there are more cases that choose no to report it, since the impact on reputation.
You may read some major news for data loss that is not really logical, forget to backup, and system upgrade and data loss or warp something in very similar manner, but really? it may be a case for ransomware and decide not to make payment so to wipe the encrypted data out…
It has risen in the global threat concern and raised the threat rank and level. Some countries rank it as the national top security threat for ransomware. We can imagine, if the government top agencies data was encrypted, would you make payment for it or not? let said you do not have the up to date data been back and can be recovered?
Do not think it will target medical or high tech research companies, everything has value, whether it is hospital, financial institutions, government to normal people with value to keep, it can be a target for ransomware. To make data redundancy, say implement RAID-1 data mirroring, then separate back, and then remote backup from time to time, and isolate the backup data from continuous connection, just ask around, how many people will do that? As such, the gap creates both the threat and opportunity, for those who are willing to work out a truly realistic and practical solution that include both security and availability technology that seamlessly work together, until that exists, ransomware will continue to be the top threat everyone and every business enterprise can not ignore.
The more we are living in the digital economy, the more data and assets will be in the digital form. How to make a holistic look into protecting your valuable digital assets need to adapt systematic risk based management framework. Purely adopting the silo networks security, antivirus or schedule backup is not enough.
E-SPIN Group in the enterprise ICT solution supply, consultancy, project management, training and maintenance for corporation and government agencies did business across the region and via the channel. Feel free to contact E-SPIN for your project requirement and inquiry.
Other post you may be interest: