Page 1 of 3 next >>

Cyberattack—How to Prepare and What to Do If It Happens

By shifting your mindset from “if” to “when” a cyberattack happens, certain activities which may appear burdensome, tedious, and sometimes are even ignored, will become relevant and important.

Protecting online systems has become an increasingly difficult job. Over the last decade, we’ve seen the role of IT security become more critical, not only within the data center, but across entire organizations. The data that a firm has is often its most important asset; hence, it is critical that it is protected. In order to understand how to approach cybersecurity, let’s understand what drives the majority of cyberattacks.

Hackers, viruses, and malware have been a part of the internet almost since its conception. The earliest incidents of cyberattacks include the successful hacking in 1983 of computer systems at multiple institutions, including the Lawrence Livermore National Laboratory, and the Morris worm virus infection in 1998 that affected an estimated 6,000 computers and caused an estimated $98 million in damages. Criminals soon realized that illegal access to computers and networks allowed them to steal money, as businesses were increasingly going digital.

For more articles on data security, download the CyberSecurity Sourcebook 2017

The first known ransomware was AIDS, also known as Aids Info Disk or PC Cyborg Trojan, written in 1989. The malware hid files, encrypted file names, and demanded payment to be made in order to receive a fix tool. Since the malware used symmetric encryption, the encryption key could be extracted from the malware data recovery without having to break the encryption. The use of asymmetric encryption for ransomware, first proposed in 1996, changed the landscape of ransomware—data was no longer decryptable by the encryption key in the malware code. The attacker held the key for decryption.

Ransomware turns strong encryption, that was created to protect data, against its users. In addition to this, anonymity in the form of Bitcoin gives the attackers a great way to obtain payment with the certainty that they can’t be tracked. Ransomware attacks have become painfully constant; last year, they averaged around 4,000 per day.

Where Is It Going?

Ransomware is an extremely profitable business for criminals. Ransoms paid last year totaled over $1 billion. That’s big business. The availability of Bitcoin has created an untraceable form of payment, making it easier for attackers to exploit vulnerabilities remotely, turn encryption into a weapon, and receive ransom. We should also expect to see an increase in attacks, both in frequency and volume. Infosec Institute predicts ransomware to continue rising. Organized crime rings have ventured into this field even without having technical backgrounds. They rely on ransomware-as-a-service servers that hackers have made available in the dark corners of the web.

Even worse, experts predict that ransomware attacks are expected to become more targeted and sophisticated. Ransomware attacks will be launched targeting specific organizations and individuals, and everyday objects such as cars and appliances due to the increasing adoption of IoT.

How to Prepare

The cybersecurity industry has grown tremendously and there are now many ways to protect, prevent, and recover from cyberattacks. It’s important to understand holistically that there is nothing that can be 100% secure. The first aspect of preparation is adopting a mindset of “expecting an attack.” This allows you to consider your business needs in terms of recovering from an attack and to work backward on determining what you need to do to fill the gaps. It’s a matter of thinking “when and how my organization will be a target of a cyberattack,” instead of “if.”

Page 1 of 3 next >>


Subscribe to Big Data Quarterly E-Edition