3 - 4 OCTOBER 2018 / EXCEL LONDON

Running against ransomware

Monday 07 August 2017

WannaCry, NotPetya, Goldeneye, sound familiar? These are names that have dominated the headlines. But with ransomware attacks getting so much air time at the moment, the question to ask is how are businesses protecting themselves? 

The recent WannaCry or WannaCrypt ransomware attack affected more than 230,000 computers in over 150 countries, with the NHS being the most prolific victim in the UK. But it’s not just the NHS being targeted, attacks on healthcare providers across the world are at an all-time high and ransomware is the tool of choice for many cyber-criminals targeting this sector. Due to the critical nature of the data healthcare organisations hold, some have resorted to paying their attackers. Last year, the computers belonging to the Hollywood Presbyterian Medical Centre in LA, were taken hostage using a piece of ransomware called Locky. The attack caused computers to be offline for over a week, until officials made the decision to pay out the equivalent of $17,000 in Bitcoin.

It’s not just healthcare that is being targeted. We are living at a time where it more important than ever to be secure.

So are we prepared for the next big attack? Will backing up files and deleting emails that look suspiciously like your bank account logins be enough? A problem many big companies face, is that they run on legacy technology, which due to its sheer size means implementing new upgrades can be costly and time-consuming tasks. Without the ability to receive security-focused software updates, these systems are left at huge risk. After the recent WannaCry attack affected businesses across the world by exploiting unprotected legacy technology, Wendy Nather, Principal Security Strategist at Duo Security explained; "We're looking at many decades of building complex systems - one on top of the other -with no effort to go back to fix what we did wrong along the way."

However, according to James Lyne, Global Head of Security Research of Sophos, a silver lining to ransomware attacks is that it helps to raise awareness of the importance of cyber-security. Let’s hope that now, after seeing the consequences of these attacks, organisations will put in the necessary efforts in advancing their security. As awareness of attacks like this increases, ransomware’s astounding success may turn out to be its weakness, too.

Top