CISO concern grows as ransomware plague hits close to home
Ransomware is on a roll.
Garmin is currently wrestling with a ransomware-induced outage, and locally in Australia, 2020 has seen ransomware take out major companies and threaten beer supplies when it hit logistics giant Toll and beverage company Lion. Toll has only recently recovered from its second dose of the year.
These sorts of attacks are starting to ring alarm bells, with APAC CISO of JLL Mark Smink telling ZDNet on Tuesday the ransomware plague has evolved a long way from where it was four or five years ago.
"[It] does concern me significantly that Fortune 500 companies are actively being targeted and they are looking for as much damages as they possibly can," he said.
"It is alarming how close to home these incidents are actually occurring."
One way to push back, according to Smink, is to have a coordinated approach between technology, people, and processes.
Going a step further, Cisco Australia cybersecurity director Steve Moros said the industry itself needed to evolve as well as a siloed approach to defence against ransomware is no longer effective.
"I don't think [ransomware] can be stopped in terms of people growing the sophistication and techniques, and the persistence of these types of attacks, so I think that will stay. If we look at history, it's going to continue to evolve," he told ZDNet.
"The security industry must evolve, and if we look at security solutions, they need to work as a team and that means that they communicate in real time and learn from each other and then they have a coordinated response to these attacks.
"It's the coordinated sharing of context and the integrated approach that will help minimise the impact."
Last week, an industry advisory panel report, which will feed into the federal government's upcoming 2020 Cyber Security Strategy, recommended that large businesses receive incentives to support smaller businesses in their supply chain and client base.
For Moros, that boils down to the sharing of information.
"If you put that into perspective from an economic standpoint, a smaller organisation that does business with a larger organisation is the weakest link because it's a trusted connection that can be compromised to attack a larger organisation," he said.
"[It] used to be seen as a competitive advantage to kind of have stopped an attack and not share that information. But I think now when you look at supply chain hacking and different types of techniques, it's beneficial that an organisation will help share best practice and information on threats that are traversing their sector, or segment, or organisation."
When talking with smaller organisations, Smink said it was best not to overcomplicate what is expected from third parties.
"We want to make sure that that we have a clear path of communication to share an intelligence, but also making sure that we have clear and concise objectives on how we expect them to run a secure operation," he said.
"That's why we have been focusing on actually trying to simplify that engagement to make it accessible for smaller partners."
Related Coverage
- Garmin services and production go down after ransomware attack
- Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump
- Texas school district falls for email scam, hands over $2.3 million
- Ransomware gang demands $7.5 million from Argentinian ISP
- Malware is down, but IoT and ransomware attacks are up (TechRepublic)
- Ransomware accounts for a third of all cyberattacks against organizations (TechRepublic)