A panel of industry experts gathered at Cloud Security Expo 2018 this week to discuss the threat of ransomware, strategies for defending against it and what the future might hold for a malware type that has notoriously caused so much damage to so many victims.
Moderator: Adrian Davis, managing director EMEA, (ISC)2
Paul Edmunds, head of technology, National Cyber Crime Unit
Paul Holland, information security leader, Hiscox
Kiran Bhagotra, CEO/founder, ProtectBox
Kiran Bhagotra: “My answer would be no, and the reason for that is you need a holistic approach to cybersecurity – you need people, you need process, and then the technology. Ransomware is a malware, but there are various malware delivery methods, so the actual cause of the problem is the thing that delivers it.”
Paul Edmunds: “The thing about ‘threat’ is that it’s different from risk. In the wild, ransomware probably is the biggest threat.”
Paul Holland: “I’m going to say no – I’ve not seen it as the biggest threat the whole time. For me the biggest threat has always been the insider, for various different reasons. Ransomware is obviously a very big threat though and when it hits, it hits you really badly.”
Davis then asked the panel if headlines about ransomware can make it seem a greater threat than it realistically is.
Paul Holland: “We saw that with WannaCry and NotPetya last year – the fact it got so much press and publicity means everybody knows about it, whereas a lot of the other threats people aren’t particularly aware of.”
Kiran Bhagotra: “I think the thing that publicity has done is help people understand what malware is, and because they know what it is but they then can’t tackle it, that’s where this whole ‘voodoo’ thing comes about that ransomware is the biggest threat.”
Moving the discussion on, Davis asked what tools are available to best defend against ransomware.
Paul Holland: “It certainly comes down to patching your systems. If your systems are up-to-date then the ransomware isn’t really going to be able to get hold of them in the first place. It’s also about the awareness of your insiders and training your own staff to make them understand what’s going on and stop them clicking on links.”
Paul Edmunds: “There is this thing about defense in depth, and that perimeter security is not good enough. You have to have strategies in place to at least contain the effect and impact of ransomware.”
To conclude, Davis asked the panel what the next-generation of threats will be, and if cyber-criminals are evolving quicker than defenses are.
Paul Edmunds: “There are a lot of problems now around the connected network, and the fact that mobile malware is being seen now and becoming more prominent. There’s just a growth in vulnerabilities and different attack vectors.”
Kiran Bhagotra: “I don’t think cyber-criminals are moving faster than us, but they just know how we all function. They’re very good at knowing where the weak spot is and they’re very organized about the manner they go about things. I don’t think we’re quite as coordinated as they are.”