As Ransomware Attacks Rise, Cyber Security Body Urges ‘Defence In Depth’ Deployments

The National Cyber Security Centre (NCSC) this week urged organisations to deploy “defence in depth” strategies in order to ward off risks posed by an increasing number of ransomware attacks.

In its annual review the government agency – which is part of GCHQ – reported a significant rise in ransomware attacks on the UK.

It also noted a significant change in the way those attacks are carried out. “Rather than simply preventing access to data, criminals are stealing it and threatening to leak the most sensitive parts publicly,” it warns.

To avoid becoming a victim of cyber criminals, NCSC has issued new guidance which counsels organisations to protect data by “implementing a technical architecture with multiple defensive layers, if one mechanism fails, another is there to thwart an attack.”

It’s a message that we here at Avoira very much endorse.

Last line of defence

We have long advised on and deployed for our clients appropriate security measures to guard their data and IT infrastructures. These may be software solutions – firewalls, VPNs etc – and protocols.

Now we have a new tool in our cyber security box, one that very much chimes with NCSC’s defence in depth advice.

As a last-line-of-defence technology, Bullwall’s RansomCare sits behind your perimeter security. If and when that permitter is breached, this smart, always-on solution immediately halts the spread of malware.

It does so by identifying and isolating a breached device to prevent further encryption of files (such as Excel, Word and PDFs incorporating critical data). Because it identifies both the targeted user and the files encrypted, RansomCare also enables swift restoration from back-up to further support business continuity.

Covid-19’s viral threat

These capabilities have a heightened importance in current times.

As the NCSC notes, Covid-19 has changed the security landscape, with Government guidance and restrictions massively increasing the number of employees working from home.

“With more people using personal devices for work purposes came an increased vulnerability to cyber fraud, as criminals sought to exploit the changing circumstances. Some scams, frequently used phishing emails, claimed to have a “cure” for coronavirus, or sought donations to medical charities. Many users found that clicking a bad link led to malware infection, loss of data and passwords.”

We have assisted many public private and public sector organisations in safely adapting to the new working model. But nonetheless risk can never be totally eliminated. Take phishing. The NCSC points out that fake emails can be so convincing that “even highly skilled cyber experts can be fooled into clicking a link.”
Organisations of all shapes and sizes are vulnerable. Among recent high-profile cases is a major French IT services business which suffered a ransomware attack towards the end of October. If an international IT specialist, with its own cyber security division can be hit, then anyone can.

Prevention is better than cure

Independent research for IBM’s Cost of a Data Breach Report [PDF] found that 76% of respondents who had adapted to WFH believed remote working would increase the time taken to identify and contain a data breach. 70% said it would increase the cost.

That’s why RansomCare is such an important defensive tool. If you do suffer a breach, if an employee clicks a convincing but dodgy link, the infection is isolated and encrypted files promptly identified. Because it’s both preventative and curative this clever solution makes it much simpler and quicker to restore from back up. An IT administrator need only return to business just one device and user.

It’s a solution that’s very much impressed us geeks at Avoira, so much so that we’re now offering free ransomware assessments. These are conducted remotely by our aforementioned cyber security geeks, whose two-hour evaluation will test if your existing security defences will prevent a ransomware attack.

If you’d like to arrange an assessment simply drop us an email or call 0161 925 7679.