Cybersecurity’s Biggest Challenge is Ransomware

Highlights –

• In order to make ransomware an unproductive and unappealing business, work must continue in the area of understanding the scope, nature, and evolution of the techniques being utilized.
• In a recent analysis of over 150 ransomware engagements spanning the previous three years, IBM X-Force found that the period between initial access and ransom demands for ransomware attacks on businesses had significantly decreased.

According to the Sophos State of Ransomware 2022 Report (available only to subscribers), 60% of the enterprises were hit by ransomware last year. The cybersecurity catch-up game continues to rage as attacks multiply, become more complicated, and ransom payments increase.

With malicious actors exploiting and weaponizing vulnerabilities faster than before, ransomware continues to be the biggest problem in cybersecurity, according to Lindy Cameron, CEO of the UK’s National Cyber Security Centre (NCSC).

During the CyberWeek 2022, the 12th edition of Israel’s premier cybersecurity event staged in Tel Aviv, Cameron stated that while it may appear that more sophistication has reinforced security across enterprises and nation-states in recent years, all hands must be on deck to root out ransomware.

Cyber attackers have frequently used ransomware as a “decoy or distraction” while attacking Ukrainian organizations as the Russia-Ukraine conflict rages on. Cameron also highlighted the effects of both the physical assault and cyberattacks during her remarks.

She said, “The changing geopolitical landscape [has] transformed the context for work in the cybersecurity space. While Russia is up to this physical oppression, conducting a cyber campaign — which seems to be no surprise — Russia has consistently used cyber pressure to stress its rivals.”

Collaboration and shared accountability

Cameron encouraged greater collaboration between institutions, technological firms, the government, and its agencies to help stop the avalanche of ransomware attacks. She reiterated that “if we’re going to maintain a cyberspace which is a safe and prosperous place for everyone, it’s vital that such capabilities are produced and used in a way that is legal, responsible and proportionate.”

In order to make ransomware an unproductive and unappealing business, work must continue in the area of understanding the scope, nature, and evolution of the techniques being utilized, according to Cameron, who continued to support collaboration and partnership.

However, in her speech, she also complimented the Israeli spirit of innovation. According to Cameron, the world democracies must push themselves to create technologies and frameworks that enable them to avoid relying on goods that are inconsistent with their principles.

“The startup nation of Israel can play an important role in this innovation over the years to come. The technology developed is truly world-class, the talent in the cybersecurity sector is second to none, and the defences are some of the strongest in the world. But making the most of our digital future is too big an issue for any one nation to handle alone. Whether it’s feed irrigation or wholesome climate technology, Israel has always been fighting to innovate for the benefit of people well beyond its borders.”

Cameron expressed confidence that Israel will keep producing cybersecurity solutions that are reliable, strong, and reasonably priced for the entire world.

Cybersecurity transcends nations and conflicts

The fight against ransomware does not exclude enterprises. Although nations are frequently dragged into the discussion, business operators are the primary victims of ransomware. In a recent analysis of over 150 ransomware engagements spanning the previous three years, IBM X-Force found that the period between initial access and ransom demands for ransomware attacks on businesses had seen a significant decline.

The rise of the initial access broker economy (where “initial access brokers” are hackers that specialize in breaching and then selling the access to cyber attackers) and ransomware-as-a-service (RaaS) are trends in the enterprise space. Both reduce or eliminate the entry barrier to utilizing ransomware. The RaaS industry has developed with increasing agility, ensuring that enterprise leaders can’t keep up with the rate at which attacks occur.

In addition to the requirement for a zero-trust architectural approach, Cameron emphasized the need for strict international government regulations.

She concluded the session by reassuring that the NCSC is working toward building a society where cyberattacks can be avoided as much as possible with the help of partner agencies.

Experts’ Take

“Ransomware attacks strike hard and fast and they’re evolving rapidly. They’re pervasive [and] increasingly offered like games-as-a-service, lowering the bar for entry into cyberspace — and that’s what makes them such a threat,” Cameron said.

“An important part of our response to this as an international community is a thicker issue of enforcement among rules governing activities. If we’re to ensure that the digital world remains a place of opportunity and to avoid conflict and struggle, we must be clearer about the guidelines and norms that transcend national borders.”