26 JUN 2018

Cybercrime and ransomware: how to defend yourself (part II)

The World Report has highlighted attacks on 65 countries: how can a country be safe?

Unfortunately most people and organizations think that backups are enough as a countermeasure to ransomwares for the PC

Backups are not the solution. The need for a precise plan emerges made up of policies, processes, procedures and integrated technologies (for example: backups policy with recovery verification, management of security incidents and computer crises, systems update policy…). On 17 January 2018, in fact, in Indiana (USA) a  hospital paid $50,000  ransom even though it had backups of the encrypted data, since recovery would have taken too long.

In addition, there is also the risk that the backup will be encrypted, frustrating the countermeasure. On 22 March 2018, almost a year after Wannacry and despite the actions of awareness and mitigation through specific countermeasures, the city of Atlanta has been a victim of a ransom attack.


How much does the IT security of a country affect individual attacks?

Nations must sensitize, prevent and coordinate the response to cybernetic events, addressing both companies and citizens.

Law enforcement and IT security companies from different countries have joined forces to combat criminal activities perpetrated using ransomware. In fact The National High Tech Crime Unit of the Dutch police, European cybercrime Centre of Europol and Kaspersky Lab and McAfee have created the site No More Ransom with the aim of helping the victims of ransomware attacks to recover their encrypted data, without paying criminals.


IT attacks and human factor

IT attacks are increasing theimselves because of the human factor which is the major weakness. It means that poor user awareness and the lack of frequent or difficult updates both at personal level due to neglect or in the corporate environment due to the complexity of the systems, create a fertile ground for cybernetic attacks. The weakest link in the cybersecurity chain is the human being. In fact one of the world’s most famous hackers Kevin David Mitnick, known as Condor, based most of his offensive operations through social engineering exploiting the “human factor” as the initial vector.


Risks for companies

The risks for companies depend on the area of activity. Regardless of  this, the blocking of operations can involve damages affecting a company’s image and reputation, causing an economic impact. For activities of first aid, transport and police, a ransomware attack can put at risk the safety of thousands of human lives.

At a company level it is necessary to continually sensitize the employees with courses and seminars about IT attack risks both for possible attacks at work and on a personal level.


How can an individual avoid attacks?

On a personal level the culture of the problem is the best method of defense. People can defend themselves in these ways:

  • avoid opening email attachments or suspicious links;
  • update systems as soon as possible;
  • not buying obsolete and outdated devices or devices that update security patches in a timely fashion;
  • making online and offline backups of the most important data;
  • using an effective antivirus and malware suite.

Edited by Lucia D’Adamo, in collaboration with Andrea Petriglia, supervised by Marco Pirrone

Latest News