View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Leadership
  2. Digital Transformation
July 4, 2016updated 28 Mar 2017 4:26pm

Ransomware and the end of perimeter protection

By John Oates

The best way to protect an enterprise against malware used to be to protect the perimeter. Emails and their attachments were scanned. USB sticks and other media were either banned completely or carefully checked. Staff were not allowed to attach their own devices to networks without the express permission of the IT department. For better or worse those days are over. Staff and guests now expect to be able to link their own phones and tablets to corporate networks. The use of cloud services and remote access to enterprise applications means the perimeter has grown exponentially. Attacks are now possible on Android, iOS and Linux, not just Windows. This means the old, reactive types of cyber security are being replaced with more proactive systems. Enterprises need to do more than just react when breaches or attempted attacks are made. They also need tools to help deal with a problem which is increasing exponentially. Automated systems are vital in order to deal with the hundreds or thousands of reports being created by scanning so many different devices and different operating systems. The other change is that attacks now are focussed on financial gain. The massive growth in ransomware is just one example. Attackers no longer need sophisticated hacking skills – ransomware is now available ‘off-the-shelf’ from malware portals and only requires attackers to send onto victims. Old types of ransomware – which typically encrypt business systems and data and demand payment in exchange for decryption keys – needed users to click on email attachments. But newer types use Javascript and can be activated with minimal user action and are much more difficult for security systems to detect. Attackers are increasingly going after companies’ key applications and the data they hold. Traditional email scanning, and regular staff training, can help prevent many ransomware attacks. But the next generation malware is much harder to spot. These attacks are also carefully targeted at specific vertical markets. The early part of 2016 saw attacks in the US, UK and Europe on hospital systems. The worst of these attacks left a hospital forced to turn away emergency patients because systems were simply unavailable. It is believed that more than one of these hospitals was forced to pay a ransom in order to restore access to key systems. HPE found almost half of enterprises now proactively monitor outward facing applications for security-related events. Researchers also saw the beginning of a shift in the ‘reactive-proactive’ balance. Although accepting that security intelligence systems are not cheap, and implementation not without risks, the potential savings for businesses which can predict and spot upcoming attacks will be huge. There is also an acceptance of dealing with attackers as a business – they are looking to make a profit on money invested. So security systems need to make being a bad guy more expensive, more time consuming and more risky. Or as HPE researchers put it: “While the threat of cyber-attack is unlikely to go away, thoughtful planning can continue to increase both the physical and intellectual price an attacker must pay to successfully exploit an enterprise.”

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU