Cyber Security 2022


SOCIAL ENGINEERING & RANSOMWARE

WHEN YOUR DATA IS HELD TO RANSOM

Ransomware – the latest and nastiest way in which cybercriminals seek to steal from you – is sweeping the globe, hammering businesses both large and small. We speak to security firm Commvault to gain a clearer understanding.

Perhaps the biggest – and certainly the most talked about – form of cybercrime is ransomware, which has quickly become the most frightening form of attack faced by companies, as it has rapidly propagated across the globe. The success of ransomware has been accelerated by social engineering, itself exacerbated by people’s growing utilisation of social media platforms.

Taking a realistic look at ransomware, one can admit it is probably the most prevalent and sophisticated type of cybercrime. By broad definition, it is when hackers are able to gain access either to a company’s data, network or systems, and then deny their use to legitimate business owners, through encryption. Essentially, they encrypt your data so you can’t use it, and then offer to give you the decryption keys in exchange for the payment of a ransom, explains Kate Mollett, senior director: Africa at Commvault.


“What makes it such a dangerous form of attack is that not only is it sophisticated, but if the data they encrypt is critical to your business, they can easily bring your operations to a temporary or permanent halt,” she says.

“Remember too that not only does such an attack create downtime for the business, but if, through the process, sensitive information data or consumer information is exposed, then you may face hefty fines in line with the relevant legislation, like PoPIA.”

Furthermore, she notes, an attack can lead to reputational damage – ransomware attacks, especially involving larger companies, tend to be headline-grabbing ones – which in turn creates a loss of confidence among consumers and shareholders.

“Also, never forget that just because you pay the ransom, it doesn’t necessarily follow that they will unlock your data. Acquiescence is really no guarantee of recovery.”

The way it works, she continues, is that the attackers use malware that is commonly introduced through phishing attacks, which are formulated via social engineering. This is usually via emails, texts or other ways of communicating that appear legitimate, and are designed to deceive you into believing you are dealing with a genuine entity like your bank or insurance provider. Once you have been fooled into clicking on the mail’s attachment, your system is infected.

Fighting back

“The best way to fight ransomware is via user awareness and training. It is imperative to ensure your staff understand what these attacks look like, so they can spot them early. This type of training has to be ongoing too, to keep these concerns top of mind for employees.

“People are undoubtedly the weakest link in your security chain – some 54% of ransomware attacks are successful simply because people don’t pay enough attention. Another key barrier in the fight is that if your company utilises VPN services, you should encourage staff to use these all the time, and try to avoid using public Wi-Fi, especially if they are working with sensitive data,” notes Mollett.

Then, from an organisational perspective, she adds, it is vital to have good monitoring in place. Automated monitoring solutions are designed to search for various types of malware across numerous attack scenarios.

