02 Aug Ransomware: the importance of IT security
Ransomware: the importance of IT security
29 July, 2021
Back in the mists of time, ransomware was the work of a hacker or criminal who had spent days compromising a chosen network. Today, ransomware attacks are fully automated and target anything possible to access via the internet. It is vital to ensure that your IT landscape is protected properly. Don’t underestimate the importance of IT security, because ransomware attacks have a major impact. Our colleague, Ties Meesters, tells us more about this subject.
A ransomware attack can be summarised as a type of cyber attack in which a criminal gains access to as many of a company’s computers and servers as possible and then encrypts them. The criminal only decrypts the computers and servers targeted after a ransom has been paid. As part of the post-graduate programme I’m doing, I’ve been focusing on how to manage ransomware risks recently.
The importance of IT security
The more my research progressed, the more important it became. Our dependence on the digital infrastructure is growing, particularly now, with many people working from home and the hasty introduction of new work processes. As the NCTV says, “digital processes have become society’s central nervous system.” If this digital infrastructure is ‘down’, an entire company can grind to a halt. And that’s something that every business owner would prefer to avoid.
Recent examples of ransomware
The municipality of Hof van Twente is one example of an organisation that became the victim of a ransomware attack recently. With just a weak password and a vulnerable work-from-home solution, the municipality lost all of its systems and networks. The estimated time necessary to get everything back up and running again? More than two years. Another option, of course, would be to pay the ransom, which could be a significant amount of money. The Colonial Pipeline company was forced to pay its hackers several million dollars after their ransomware attack stopped the delivery of supplies to filling stations and left millions of Americans without gasoline.
Measures to ensure effective security
My research revealed a number of specific, effective measures that could be used to reduce the risk of ransomware attacks, or their consequences, and provide a good level of basic protection. The following points are particularly important:
- Reduce the attack zone;
- Create awareness;
- Have processes and procedures that can be initiated immediately after a ransomware attack or when recovering from a ransomware attack.
In line with my research results, the NCSC also published a guide that sets out eight cyber security measures last week. It is particularly important for basic patch management, back-ups, network segmentation and access security to be in place and applied consistently.
Ransomware risk management
The renowned National Institute of Standards and Technology (NIST), which developed the well-known NIST Cybersecurity Framework, has published a Ransomware Risk Management edition too. This describes a number of measures from the NIST Cybersecurity Framework that are important when managing ransomware.
Joanknecht will help you assess processes in accordance with the NIST Cybersecurity Framework. We analyse technical and procedural processes and the corresponding vulnerabilities and advise on additional measures.
This article was written by Ties Meesters, IT Auditor at Joanknecht.