Oleg Bondarenko, Director, International Research at FireEye, speaks to Anita Joseph about ransomware attacks, the need for greater awareness about this mode of attack, and comprehensive monetary investments to prevent cyber-attacks
Why is ransomware increasingly becoming the attack of choice for cybercriminals, especially in the last few years?
Ransomware has always been popular with attackers, but it is in 2016-2017, that it really took off. There was a particularly destructive attack that happened around that time, which exposed crucial vulnerabilities in large organizations. They realized that they didn’t have enough security or segmentation, very little training and awareness, and hence, little preparation. Ironically enough, even the attackers realized how easy it was to carry out ransomware attacks and how they could get huge ransom amounts, instead of the earlier amounts of 100 or 200 dollars. Even insurance companies started pitching in and paying these amounts, so attackers spotted a huge minefield of monetary gains with little effort. This is why ransomware has taken off in a huge way now.
Given that cybersecurity is gaining considerable traction here in the Middle East, how do you think organizations both large and small can prepare themselves for ransomware attacks?
I’d say prevention and preparation begin with awareness. There is an immediate, urgent need for multi-layered, relevant training modules for organizational employees of all levels, about ransomeware, and the need to be cyber-vigilant. Also, different departments in an organization need different kinds of training, instead of one general training module for the entire office. Then again, traditional, signature-based anti-virus solutions need to be replaced with modern, cutting-edge, forward thinking, and predictive security measures.
Talking of awareness, how great so you think is the need for ransomware awareness in the region?
I’d say it’s very, very critical. Organizations here are becoming increasingly aware of the need to stay alert to cyber-attacks, especially ransomware, but a lot of work still needs to be done. I’d say we need decision makers, the media and cyber security experts to step up their game and make businesses realize the need to be more vigilant.
Would you agree that there is a monetary angle to that? As in, companies are unwilling to invest comprehensively in cutting-edge cybersecurity solutions because they think that’s an unnecessary expense?
Yes, you’re right. Most firms think that a basic prevention method covers everything and that any extra investment is just additional expense. But what they don’t realize is that with the complexity and sophistication of these attacks, they are compromising their businesses to a major, major extent. To dispel this notion, I’d say organizational decision makers should properly understand the ramifications of modern day cyber-attacks, and convince their team about this. Then again, proper attention must be paid to the quality and relevance of the preventive measures that are in place. In today’s cyber-attack scenario, every organization must have prioritized intelligence requirements properly in place.