
Ransomware: Building Cyber Resilience

In our first article, we defined a ransomware attack and its impact on non-profit organisations, and we made some recommendations for preventing such attacks. In this article, we look at ransomware in more depth to provide a better understanding of how to build cyber resilience.
There is a growing threat to cyber-security in various dimensions but especially in the form of “ransomware.” Multi-dimensional cyber threats are emerging from cross-modal attacks facilitating further virtual disruptions, such as cybercrime and virtual terrorism.
This situation results from the failure of organisations and governments to establish an adequate and effective cyber-security resilience shield. Such a shield employs multiple technical tools and human approaches like extensive and holistic awareness programs in conjunction with a culture of cyber security consciousness.
Many lack the expertise to maintain cyber-security assurance and address risks that jeopardise the integrity and reputation of trusted governments and organisations. We argue that a combination of security awareness with a comprehensive plan embedded in organisational culture would serve as a solid foundation on which to build more effective cyber security resilience.
This approach goes beyond the current high-level policies and standards in widespread use, and it addresses the more detailed security challenges that threaten the cyber-security of trusted systems and organisations.

Cyber Resilience and Business Resilience

Business resilience ensures a rapid response to disruptions while maintaining continuous business operations. Cyber resilience is closely linked to business resilience and is a requirement organisations should have in the digital era.
The scope of cyber resilience also encompasses the ability to reduce the magnitude, impact, or duration of a disruption to critical infrastructure from cyber threats, so that essential services can be recovered quickly and effectively if they are damaged or destroyed.
It is clear that cyber security processes are vital for managing risks, fixing and patching vulnerabilities, and improving system resilience. Therefore, it follows that an adequate cyber resilience plan should entail sufficient co-ordination between the risk management process, well-qualified people, hardened technology, and dependable assurance processes.
IT Departments should be central to a cyber resilience initiative, proactively collecting security intelligence. For this purpose, IT can use security controls and technologies that already exist in the IT ecosystem. The information generated allows organisations to respond to attacks whilst assisting in measuring their capability to ward off threats with the result that executive management are able to make well-informed decisions regarding their cyber security strategy.

Cyber Resilience and People

Technological solutions for dealing with issues arising from cyber security threats are relatively similar globally. But the real challenges are posed by non-technical forces, including human and organisational issues [1].
Human behaviours combined with organisational forces can negatively impact cyber security initiatives and their associated risks [2]. Whether intentionally or naively, people can compromise organisational assets. Malicious activities from within (insider threats) have always been a major headache for corporations. The threat posed to organisations from insiders is unlikely to disappear quickly or easily [3].
In response to such threats and to mitigate the risks organisations face, additional security controls are needed, along with an extended vetting process for new employees. However, this may impact productivity, which on its own is a major issue in ever more competitive markets. Corporations should therefore consider a trade-off, accepting or transferring some risks in order to remain competitive.
Hence, it is imperative for organisations to know whether everyone who works for them is sufficiently competent to enable the organisation to recognise, respond to, and recover from a cyber-attack. It is clear that a cyber awareness program is crucial for reducing and mitigating the risks to information security.

Awareness Program

Many cyber-attacks succeed by exploiting people and human factors. These factors include lack of awareness, insufficient technical skills, inadequate communication skills, lack of supervision and insufficient involvement of management [4].
Awareness programs play a vital role in reducing social engineering, the manipulation of human interactions in order to gain access to organisational assets. They can help to mitigate risks to organisations in the age of cyber security challenges.
Awareness programs should be directly relevant to roles and responsibilities, so training must be tailored and include role-based activities to ensure staff are aware of techniques used when targeting specific stakeholders. For example, anyone who has access to the corporate network should receive training on spotting a phishing attack. The cyber awareness program is just as relevant to boards and senior executive teams as it is to the most junior members of staff.
For multi-national corporations, the awareness training should take into account the host country’s ethics, culture and regulations as they vary from one country to another.
The real challenge is that in many organisations, the crucial information in a cyber resilience awareness program gets less priority than other important matters. Staff can get overwhelmed by the volume of organisational policies and other communications.
For organisations to make a success of cyber security training, these steps should be followed:
  1. Set objectives for cyber security awareness and base these on problems, objectives and metrics
  2. Scope and design the process through stakeholder analysis, defining driving and resisting forces and clarifying the right action steps
  3. Deliver the program by clearly setting out the message; using the right language; providing accessible and flexible training, education, and awareness; ensuring that users are engaged; and setting the organisational communication policies and activities right. Make sure the right message is delivered with the right tool.
  4. Evaluate the effectiveness of the training, revise it, seek feedback, and then run it again.
An effective cyber security awareness program, like any other organisational initiative, must be supported by senior management and be allocated adequate funding. The board and senior management should be equipped to understand the importance of such programs, both for an adequate response to cyber breaches and for sound, strategic decision-making.

Conclusion

Cyber-resilience is a journey, not a destination. It is never going to be easy to fight cyber-crime and protect sensitive data, intellectual property, and one’s reputation. And there are no guarantees. Cyber criminals are inevitably one step ahead of the good guys, and where valuable information assets are involved, the budgets provided to cyber attackers to achieve their mission are almost infinite.
However, as we have demonstrated, organisations can put in place measures providing highly effective protection. These must be designed with cooperation from Board members and methodically planned to create as much resilience as possible, encompassing both technical and human factors. The principles are the same although each organisation is different.
A sufficient budget must be allocated annually, and once made, plans need to be regularly reviewed and updated as the threat landscape develops and changes. Progress must be monitored and plans adapted. Human factors must never be overlooked, and awareness programs must be comprehensive and constant as the old-fashioned confidence trick is an essential part of the toolkit of the modern cyber-criminal. Following these steps will equip organisations to stay resilient.

References:

  1. Alavi, R., et al. “Analyzing human factors for an effective information security management system.” International Journal of Secure Software Engineering (IJSSE) 1 (2013): 50–74.
  2. Alavi, R. “Human Factors in Information Security Management System.” Infosec Institute. http://resources.infosecinstitute.com/human-factors-information-security-management-systems/#gref
  3. Threat Horizon 2017: Dangers Accelerate. Information Security Forum Limited. https://www.securityforum.org/research/threat-horizon-2017-dangers-accelerate/
  4. Alavi, R., Islam, S. and Mouratidis, H. “Managing Social Engineering Attacks: Considering Human Factors and Security Investment.” Proceedings of the Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015). Plymouth: University of Plymouth, 2015.
