Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What’s new in ransomware?

Maria Korolov | Aug. 30, 2017
Ransomware attacks--and defenses against them--are evolving fast, but enterprises still struggle to keep up.

"There's a tremendous amount of inertia built into the process of upgrading and updating and getting to the absolute latest and greatest," says Rod Murchison, VP of product management at CrowdStrike, Inc., which offers cloud-based next-generation endpoint protection. "It's like going from Windows 7 to Windows 10," he says. "If it takes you six months to get new software deployed, you're always going to be behind on your zero-day protections."

Some of the most damaging attacks recently have involved known exploits for which patches were available. Enterprises may delay updates to avoid network congestion, in order to perform their own testing, or because they're running legacy systems that can't be updated. "We still find companies that haven't patched systems in months, or even longer," Murchison says.


What's next?

An individual hit by a ransomware attack can be expected to pay up to a few hundred dollars to clear up an infection. The ransom amount goes up when companies are hit, with the average company paying $2,500 per attack, according to a report by Ponemon. In addition, 7 percent of companies hit by ransomware pay more than $10,000.

When a cloud provider is hit, one that services large numbers of enterprise customers, that payout can be a lot higher. The attack against Nayana could just be the start. "We really think that's the next frontier," says IDC's Pike. In a recent survey the research firm conducted, 80 percent of ransomware victims says that at least one of the ransomware attacks they saw was related to cloud infrastructure.

At the end of the day, no amount of protection is going to be enough since the bad guys will always be innovating -- and only need to be successful once. Law enforcement will also need to step up, putting cyber criminals behind bars. That requires time, however, and a lot of inter-agency cooperation since the attackers tend to be all over the world and key infrastructure is hosted in areas with the poorest enforcement. "We have only seen a couple of arrests here and there, but we know that there are some ongoing efforts in this area," Pike says.

The flow of money also needs to be addressed. "My feeling is that long term, cryptocurrency will be regulated," Pike says. "But I don't think we're anywhere near there yet."


Previous Page  1  2  3  4 

Sign up for CIO Asia eNewsletters.