July 22, 2016
Is the UK Government Giving Adequate Advice on Cybersecurity?
US Department of Homeland Security Issues Ransomware Alert - Is the UK Government Giving Adequate Advice on Cyber Security?
On the heels of the many recent ransomware onslaughts on businesses, the US Department of Homeland Security (DHS), in collaboration with Canadian Cyber Incident Response Centre (CCIRC), recently posted an official public alert about the rising risk of ransomware attacks and the severity of the situation for both end users and businesses. It describes the effects as “temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organisation’s reputation.”
Evidence shows that the Ransomware epidemic is worsening, not improving. In the first three months of 2016, ransomware attacks increased tenfold from the entire previous year, costing victims more than £150 million.
The DHS stresses that individuals should not pay a ransom, as doing so “only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information.” The statement closes with a list of preventive measures for computer network protection from ransomware. The #1 recommendation comes at no surprise to us: “Employ a data backup and recovery plan for all critical information. Perform regular backups to limit the impact of data or system loss and to expedite the recovery process. Note that network-connected backups can also be affected by ransomware; critical backups should be isolated from the network for optimum protection.’
The UK Government has also put together an initiative to help businesses mitigate the risk of cyber attack from risks like Ransomware, called ‘Cyber Streetwise’ - but is the advice they’re giving adequate?
The 10 step strategy focuses on prevention, and endorses strengthening passwords, setting up firewalls, and deleting unnecessary user accounts. Their self-assessment questionnaire follows the same pattern. This is sound advice, what if the worst were to happen? In another guide, businesses are advised that ‘Data losses occur and so a systematic approach to the backup of the corporate information asset base should be implemented. Backup media should be held in a physically secure location on-site and off-site where at all possible and the ability to recover archived data for operational use should be regularly tested.” Much better - but when you consider the statistics, the importance of backup and disaster recovery should be far more heavily stressed.
Traditional signature-based security is now virtually useless, as 97% of malware today can morph to become unique to each endpoint device (Webroot, 2016). In fact, McAfee Labs identified 4 MILLION samples of Ransomware in Q2 2015. Anti-Virus and ‘best practises’ can only do so much in the face of this onslaught.
For managed services providers, this statement from the United States provides even more weight to the importance of data backup and recovery solutions, such as Datto.
Aside from cyber security defense products and a secure and reliable backup and restore solution, MSPs should also assist in providing SMBs with a basic education on cyber security best practices. Only by doing this do we have a chance of fighting back against the growing population of cyber criminals.
Where to begin? Send this persuasive piece of content to your database! You can read the full US Department of Homeland Security alert on ransomware and other variants, here.
It looks like on the subject of Ransomware advice, the USA has trumped the UK!