One would think that ransomware, currently the most significant cyber threat out there, keeps all organizations on edge and well prepared for an attack. However, the reality is that many companies have no incident response plans and never test their defenses or their employees’ knowledge of cyber threats.
Ransomware – The Biggest Cyber Threat To Organizations
Ransomware is the most significant security threat that organizations ranging from critical national infrastructure to large enterprises, healthcare providers, and schools are currently facing.
In a speech at the Chatham House Cyber 2021 Conference, Lindy Cameron, CEO of the UK’s National Cyber Security Centre (NCSC), warned about several cybersecurity threats facing the world today, with ransomware being “the most immediate danger to UK businesses and most other organizations.”
Cameron also noted that many businesses are leaving themselves vulnerable because “many have no incident response plans, or ever test their cyber defenses.”
Ransomware is still a top cyber threat today because some organizations that become victims will pay the ransom, seeing it as the best way to restore the network as quickly as possible.
Ransomware Attacks Are Expected To Grow
Researchers predict ransomware attacks will continue to grow in numbers and costs.
“We expect ransomware will continue to be an attractive route for criminals as long as organizations remain vulnerable and continue to pay. We have been clear that paying ransoms emboldens these criminal groups – and it also does not guarantee your data will be returned intact, or indeed returned at all,” said Cameron.
“Their intention is clear: to increase pressure on victims to pay,” she said.
In recent months, the impact of ransomware attacks has become so significant that world leaders have discussed the issue at international summits.
“We should not view ransomware as a risk we have to live with and can’t do anything about. We’ve seen this issue become a leader-level G7 topic of conversation this year. Governments have a role, and we are playing our part,” said Cameron.
“We are redoubling our efforts to clamp down and deter this pernicious and spreading crime, standing firm with our global counterparts and doing our best to turn this into a crime that does not pay,” she added.
Organizations Need To Take Ransomware Seriously
While governments, authorities, law enforcement, and international bodies play a part in helping to combat ransomware attacks, companies should also assess and improve their own defenses and security protocols, both those they have in place and those they lack, because the possibility of being targeted by ransomware groups is never off the cards.
“But victims also have agency here too. Do you know what you would do if it happened to you? Have you rehearsed this? Have you taken steps to ensure your systems are the hardest target in your market or sector to compromise? And if you would consider paying a ransom, are you comfortable that you are investing enough to stop that conversation ever happening in the first place?” said Cameron.
Applying security patches whenever they become available, using multi-factor authentication, and having robust security protocols in place can help protect networks from ransomware attacks.
“One of the key things I have learnt in my time as NCSC CEO is that many – in fact, the vast majority – of these high-profile cyber incidents can be prevented by following actionable steps that dramatically improve an organization’s cyber resilience,” said Cameron.
“Responsibility for understanding cyber security risks does not start and end with the IT department. Chief executives and boards also have a crucial role,” she said. “No chief exec would get away with saying they don’t need to understand legal risk because they have a general counsel. The same should be true of cyber risk.”