What Are The Next Steps In The Ransomware Protection Market?
Date : Nov 15, 2017 Category : Technology
In June 2017, the South Korean company Internet Nayana Inc. was affected by a ransomware attack that shut down more than 150 of its Linux-based web servers – hosting approx. 5000 customer websites.
The company eventually ended up paying almost 400 Bitcoin to retrieve their data – i.e. a value of US$ 1 million at the time. This was just a part of the total cost as they also had to give affected customers refunds and discounts. Even after paying the ransom, the company was unable to recover 100% of their data and promised affected customers free lifetime hosting. This example is, unfortunately, the norm and not the exception in today’s uncertain times. Cybersecurity Ventures estimates that the global ransomware cost is expected to cross US$ 5 billion in 2017, making the ransomware protection market immeasurably important. Attackers have seen the potential for huge windfalls and are innovating at a breakneck pace to overcome organizational security defenses. The industry has tried to keep up with hackers but the situation is predicted to get worse before it can improve.
Conventional software available in the ransomware protection market is ill-suited to keep up with new infections and variants that do not rely on executable files. Therefore, key stakeholders in the ransomware protection market have focused their attention on next-gen technologies such as behavioral analysis and sandboxing. Even free software providers are adding stronger identification tools to their signature-based approaches. A few companies in the ransomware protection market are adopting a multi-layered approach where the first layer is a signature-based antivirus and the second is behavioral analysis. Companies are thereby able to stop unauthorized access and send it to a containment unit for further observation. The third and final layer is machine learning where the system itself can separate malicious from non-malicious software. Next-gen malware detection is predicted to completely replace traditional signature-based antivirus software in the near future.
The Black Hat conference held in summer 2017 saw a number of ransomware protection software vendors claim zero ransomware infections. This makes one wonder where all the infections that dominate global headlines come from. Experts believe that it is probably due to the infected machines not having foolproof software installed as opposed to the ransomware getting through it in the first place.
While an individual is usually charged a few hundred dollars to eliminate an infection, the ransom skyrockets when companies are involved and many have reported paying in excess of US$10,000. This is compounded when a cloud serving multiple organizations is hit. In a recent study conducted, more than 80% of ransomware victims said that at least one ransomware attack could be linked to the cloud. That is why constant vigilance and continuous improvement are necessary as the hackers will never cease from trying to gain access to your confidential data. The unfortunate truth is that they only need to be successful once. Furthermore, law enforcement officials have to step up their game to remain one step ahead of hackers. This requires time and a great deal of cooperation as attackers are spread across the globe and critical infrastructure is often in regions with inadequate enforcement. It is also essential to address the flow of money as cryptocurrency is currently not regulated.