We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Sixty percent of organizations were hit with ransomware last year, according to the Sophos State of Ransomware 2022 Report [subscription required]. With attacks growing in numbers and complexity, and ransom payments rising, the cybersecurity catch-up game keeps raging. As malicious actors continue to exploit and weaponize vulnerabilities faster than ever, Lindy Cameron, CEO of the UK’s National Cyber Security Centre (NCSC) notes that ransomware still remains cybersecurity’s biggest challenge.
At CyberWeek 2022, the 12th edition of Israel’s largest cybersecurity event, hosted in Tel Aviv, Cameron said while it might seem that more sophistication has gone into bolstering security across organizations and nation states in recent years, all hands must be on deck to root out ransomware.
“Ransomware attacks strike hard and fast and they’re evolving rapidly. They’re pervasive [and] increasingly offered like games-as-a-service, lowering the bar for entry into cyberspace — and that’s what makes them such a threat,” Cameron said.
As the Russia-Ukraine war continues to rage, cyberattackers deployed ransomware in several instances to serve as a “decoy or distraction” as they targeted organizations in Ukraine. During her speech, Cameron acknowledged the impact of not just the physical assault, but also the cyberattacks.
“The changing geopolitical landscape [has] transformed the context for work in the cybersecurity space,” she said, acknowledging the impact of the Russian-Ukraine war on the changing face of cybersecurity. “While Russia is up to this physical oppression, conducting a cyber campaign — which seems to be no surprise — Russia has consistently used cyber pressure to stress its rivals.”
Collective responsibility and collaboration
To help quell the onslaught of ransomware attacks, Cameron called for increased cooperation between institutions, technology companies, government and its agencies. She reiterated that “if we’re going to maintain a cyberspace which is a safe and prosperous place for everyone, it’s vital that such capabilities are produced and used in a way that is legal, responsible and proportionate.”
Continuing to sound the beat for collaboration and partnership, Cameron said work must continue in the area of understanding the scale, nature and evolution of the techniques being used in order to make ransomware an unprofitable and unattractive business.
However, her address wasn’t all gloom and doom, as she praised the Israeli technological spirit. According to Cameron, the democracies of the world have to challenge themselves to develop technologies and systems which help them to avoid relying on some products not aligned with their values.
“The startup nation of Israel can play an important role in this innovation over the years to come. The technology developed is truly world-class, the talent in the cybersecurity sector is second to none and the defenses are some of the strongest in the world. But making the most of our digital future is too big an issue for any one nation to handle alone. Whether it’s feed irrigation or wholesome climate technology, Israel has always been fighting to innovate for the benefit of people well beyond its borders.”
Cameron was optimistic that Israel will continue to produce cybersecurity solutions that are safe, strong and affordable for the whole world.
Cybersecurity goes beyond countries and wars
The enterprise is not left out in the battle against ransomware. While countries often get dragged into the mix, the major targets of ransomware are enterprise operators. Recently, IBM X-Force examined over 150 ransomware engagements from the past three years and discovered there was a major decrease in the duration of ransomware attacks on enterprises, specifically the overall time between initial access and ransom requests.
Another trend that has become observable in the enterprise space is the rise of the initial access broker economy (with “initial access brokers” being the hackers who specialize in breaching enterprises and then selling that access to cyberattackers) and ransomware-as-a-service (RaaS), both of which reduce or totally eliminate the entry barrier to utilizing ransomware. The RaaS industry has become more developed with increasing agility, ensuring that enterprise leaders can’t keep up with the rate at which attacks occur.
Beside the need to adopt a zero-trust architectural approach, Cameron notes there must be strong international government policies in place.
“An important part of our response to this as an international community is a thicker issue of enforcement among rules governing activities. If we’re to ensure that the digital world remains a place of opportunity and to avoid conflict and struggle, we must be clearer about the guidelines and norms that transcend national borders.”
Cameron concluded her session by reiterating that the NCSC is working with partner agencies and organizations to ensure that a society where cyberattacks can be repelled is possible, adding that “cybersecurity is second nature to all of us.”