Views

Brace yourself: Ransomware will only get worse

WannaCry ransomeware attack spread so quickly due to lack of proper security measures in organisations

Since May 12, reports have begun trickling in about what is arguably the biggest cyberattack in the world.

The ransomware named WannaCry or WannaCrypt has infected banks, hospitals and government agencies in more than 150 countries, exploiting known vulnerabilities in old Microsoft computer operating systems.

Affected Windows computers display a screen with a countdown timer and a request for a ransom to be paid in the Bitcoin cryptocurrency, before the victims can regain access to important company information.

As the payment is made in Bitcoins, the hackers remain anonymous, making it nearly impossible for them to be caught by the authorities.

Singapore ranks eighth in the Asia-Pacific region and 42nd globally in terms of ransomware attacks, with an average of 16 attacks a day, according to an industry study.

A Dell EMC report also showed that companies in Singapore are unprepared for new, emerging threats in data protection, which has resulted in an alarming economic impact to their business - the average cost of data loss in 2015 was more than US$1.3 million (S$1.8 million).

The recent deluge of ransomware is a warning shot for worse to come. It has validated previous speculation that it is quite easy for a lone wolf, if keen enough, to create a sophisticated and destructive cyber weapon. The net cost is relatively low - just time spent on learning the ropes and the cost of an Internet connection.

We are moving into a new age of destructive malware like Stuxnet, which has the potential to escalate new frontiers in cyber warfare as it targets industrial computer systems.

Stuxnet deliberately destroyed centrifuges in nuclear fuel enrichment plants but similar malware could be used to damage other systems, from the provision of utilities like water and electricity to disrupting heating systems in winter.

More importantly, we should expect a new generation of cyber criminals or state-sponsored actors to take the next step by highlighting how much more damage they can do to an enterprise in order to extract higher ransoms.

Ransomware that encrypts data is just the beginning.

The next milestone on the journey to up the ante of cyber terrorism is to combine ways of delivering the malware with just-discovered vulnerabilities (zero-day attacks) to wreak havoc within corporate networks.

The negative outcomes could well escalate too, from encrypted data today to disabling hardware such as hard disks, or even whole workstations, notebooks and PCs.

This new type of offensive software would bring down an entire company if it does not pay up.

SPREAD QUICKLY

We need to be less complacent about cyber protection.

Wannacry spread so quickly in 24 hours due to the lack of proper security practices in place in organisations, and new versions of it are already online.

Even the best-protected of businesses can suffer an attack through employees getting phished or inadvertently installing malware sent as e-mail attachments.

The human factor is and will always remain the weakest link in the whole cyber security chain, whether in the context of an organisation or country.

Businesses need to educate users about good cyber hygiene, keep operating systems and software updated, and make back-ups regularly. They also need to install intrusion detection systems to gain real-time visibility on what is happening to networks and computers.

WannaCry is a wake-up call for all of us to stay vigilant, especially with new and increasingly sophisticated attacks evolving every day.

The key is to minimise the risk and make it more difficult for cyber criminals to compromise systems. With proper user education and robust security architecture in place, all of us can stay safe and secure.

The writer is chief innovation officer at Quann. This article appeared in The Business Times yesterday.

VirustechnologyBusiness