To close attackers’ windows of opportunity, customers must gain more visibility into their networks and improve activities such as patching and retiring aging infrastructure
Organisations are completely unprepared for future strains of ever more destructive ransomware, a study from Cisco finds.
According to its Midyear Cybersecurity Report, ransomware has in 2016 become the costliest malware type in history, and the next wave is expected to be even “more pervasive and resilient”.
Fragile infrastructure, poor network hygiene, and slow detection rates are providing ample time and air cover for adversaries to operate, the networking giant concludes.
Cisco adds that it expects this trend to continue with even more sophisticated ransomware that can spread by itself and hold entire networks, and therefore companies, hostage. “New modular strains of ransomware will be able to quickly switch tactics to maximise efficiency,” it warned.
“These new ransomware strains will spread faster and self-replicate within organisations before coordinating ransom activities.” For example, future ransomware attacks could evade detection by being able to limit CPU usage and refrain from command-and-control actions.
The report also found that the struggle to “constrain the operational space” of attackers is the biggest challenge facing businesses and threatens the underlying foundation required for digital transformation. Other key findings in the Midyear Cybersecurity Report include adversaries expanding their focus to server-side attacks, evolving attack methods and increasing use of encryption to mask activity.
Visibility across the network and endpoints also remains a primary challenge. On average, organisations take up to 200 days to identify new threats. Faster time to detection of threats is critical to constrain attackers’ operational space and minimise damage from intrusions, Cisco said.
While organisations in critical industries such as healthcare have experienced a significant uptick in attacks over the past several months, the report’s findings indicate that all vertical markets and global regions are being targeted. Clubs and organisations, charities and non-governmental organisations (NGOs), and electronics businesses have all experienced an increase in attacks in the first half of 2016.
“As organisations capitalise on new business models presented by digital transformation, security is the critical foundation. Attackers are going undetected and expanding their time to operate,” said Marty Roesch, vice president and chief architect, security business group, Cisco.
“To close the attackers’ windows of opportunity, customers will require more visibility into their networks and must improve activities, like patching and retiring aging infrastructure lacking in advanced security capabilities,” he continued.
To safeguard business environments, Cisco advises organisations to: improve network hygiene; implement defences at the edge; segment the network; deploy next-generation firewalls and next-generation IPS; and back up critical data and routinely test the effectiveness of the backups.