Cyberattacks using ransomware dominates in 2016
Paladion highlights how criminals have moved away from random attacks to targeted attacks on organisations.
Security service provider Paladion has revealed that cyberattacks in the form of ransomware has been extremely profitable in 2016.
The company highlights that the fastest-growing area of cyber-crime has developed into a $1bn-a-year industry complete with customer care departments set up to secure payments from victims of ransomware attacks.
Ravi Raman, SVP - Security Intelligence and Analytics at Paladion, said: "This has encouraged setup of new criminal startups that make millions of dollars within months before being closed down to protect the masterminds from arrest,
"In the last couple of weeks we have seen the newspapers splashed with news of organisations, businesses and individuals been taken hostage by ransomware attacks. Both individuals as well as organisations are at risk today. The perpetrators have moved away from random attacks to targeted attacks on organisations."
Ransomware, as the name suggests, is a type of malware that encrypts data on an individual's system and demands ransom for decrypting it.
Ransomware has grown beyond Windows-based personal computers to smartphones, Mac and Linux systems, with attackers increasingly seeking any network-connected device that could be held hostage for profit. The UAE witnessed a 44% year-on-year increase in the number of ransomware attacks. "Within the UAE, finance, insurance and real estate sectors were the most affected by targeted attacks last year. Close to three quarters of all attacks were directed towards companies belonging to the above mentioned categories," said Raman.
"To detect such staged attacks, an organisation has to invest in tools that will enable it to run data science and machine learning models that can detect patterns from the network data; tools that rely not just on malware signatures but on other concepts such as Indicator of Compromises (IOCs) to detect them; tools that can quickly scan your network / end points for any typical compromises that you suspect may have occurred; tools that can scan for rouge browser plugins; tools that can detect C&C user accounts that could be used by malwares to piggybank on; and tools that can check for unused services that the malwares can morph into.
"The good news is that such tools are available. You will need such tools to prevent ransomware attacks. We need to be geared to protect ourselves from such threats when the stakes are high. Game changing threats need a robust multi-pronged strategy for effective protection," concluded Raman.