New Lloyds report outlines the impacts of a global ransomware attack

The report explores and analyses the risks, costs and damage that would be caused by a coordinated global ransomware attack. The scenario outlined predicts that from the time the attack is launched it would encrypt all data on nearly 30 million devices worldwide. Companies of all sizes and in all sectors would be forced to pay a ransom to decrypt their data or to replace their infected devices. The report estimates a cyber-attack of this scale could cost $193bn and affect more than 600,000 businesses worldwide.

When considering the scenario described, essentially a global malware infection aka Bashe attack much like the recent WannaCry ransomware attack but scaled up significantly, I looked at it from both an organisational viewpoint and an attackers. As an attacker you need a global and agile delivery platform of your malware that’s resilient to attack/disruption itself (aka highly-available). These are the same set of high level requirements that large organisations have to meet their own commercial imperative.

As companies like Microsoft Azure report record revenues, overall commercial cloud revenue grew 48% year-over-year to $9.0 billion, highlighting how important cloud adoption has become at an enterprise level. This trend has not gone unnoticed by adversaries who have begun to take advantage, using highly-resilient cloud services (Pastebin and Google Drive etc.) to deliver malware-as-a-service, showing that the report highlighted scenario isn’t futuristic – it’s fast becoming a reality.

This means that enterprise must be more highly resilient, in terms of organisational and security operations tools, policies and personnel who must be empowered to be more agile and responsive than an attacker. A very tricky task – especially when you consider that the attacker is able to learn and tune their attacks continually and see SecOps tool and policy trend changes/evolutions – effectively threat defence intelligence.

In order to level the playing field in this new cloud based threat landscape and increase cyber threat visibility, enterprise must factor in these three key components in to their cyber security strategy:

Latest threat intelligence from reliable cyber threat intelligence companies that they are able to action.
Robust business continuity and risk management plans and policies.
Agile and responsive SecOps and business operation tools such as flow monitoring tools, next gen IDS systems and multi-layered threat detection platforms.

Companies must ensure they are better prepared for ransomware attacks, by utilising these three components SecOps teams will dramatically reduce vulnerability and an organisations attractiveness to attackers. This needs to happen across the board, at every level, in every vertical, as the global economy becomes more interconnected and reliant on technology.

Talk to Telesoft about securing your infrastructure against attacks at carrier scale here