FINAL WORD

Various studies suggest that over 60 % of data breaches and cybersecurity incidents are caused by insider threats .

The stakes are therefore higher than ever for businesses when it comes to protecting against ransomware attacks . Organisations need to understand the emerging trends that we will see gather speed , and prepare their defences for the ransomware onslaught .

Make your business insurable

The tension between insurers and businesses affected by ransomware is mounting . In EMEA we have already seen global insurance giant AXA announce that it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals . Furthermore , the Dutch government has considered banning insurers from covering the cost of ransom payments made by businesses operating in the Netherlands . With insurers overwhelmed and frustrated by ransomware claims , underwriters will tighten up their policies to ensure clients are meeting predetermined conditions such as investing in appropriate cybersecurity and employee training before paying out .

Watch out for triple extortion

This technique designed to make businesses pay more and pay faster involves extending the attack to the victim ’ s customers and partners . Traditionally , ransomware attacks involve cybercriminals locking down and encrypting systems then demanding a ransom payment to regain access . In 2019 ransomware strains such as DoppelPaymer gave cybercriminals the ability to lock down systems and exfiltrate data simultaneously . Not only can attackers demand ransom money for regranting access to key IT systems , but they can also threaten to publish exfiltrated data online if the victim didn ’ t pay up . Triple extortion involves a third element – directing the attack beyond its initial target , using multi-layered extortion techniques to harm the victim ’ s customers and partners .

Minimise the threat within

Various studies suggest that over 60 % of data breaches and cybersecurity incidents are caused by insider threats . Disgruntled employees understand the power they have in terms of opening the doors to the outside . Equally , perfectly satisfied employees who do not grasp the importance of practising good digital hygiene can be equally dangerous . Digital hygiene is the first line of defence for an organisation . Using two-factor authentication and restricting file access to only those who need it are ways of limiting the amount of damage a single user can do if security is compromised intentionally or unintentionally . Furthermore , training and education are vital to making sure employees are confident identifying and reporting potential attacks .

Beware of the slow burn

Advanced persistent threat ( APT ) attacks involve unauthorised users gaining access to a system or network and remaining there for an extended period of time without being detected – waiting for the right opportunity to steal valuable data . Cyber attackers are clever about choosing the right time to strike and maximising their chances of getting an easy payday by compromising a company when they are at their most vulnerable or when the stakes are highest . For example , an attacker may be ready to take your systems down and exfiltrate data but know that your company is due to IPO in a few months . It , therefore , makes sense to wait it out and

INTELLIGENT TECH CHANNELS 67