Friday, 13 August 2021

What businesses in SEA need to know about ransomware

*Produced by SilverKris for TM ONE*

In early July, cybercrime group REvil’s attack on Miami-based IT firm Kaseya had many people finally asking, “What is ransomware?”. Said to be the largest of its kind on record, the attack impacted over 1,500 companies in some 17 countries around the world that employ Kaseya’s services. These included kindergartens in New Zealand, IT businesses in Germany and petrol stations, pharmacies and a supermarket chain in Sweden. The latter had to close nearly 800 stores that were unable to operate their cash registers.

The Kaseya attack is the latest in a steady rise of cyberattacks around the world. Ransomware in particular has become more sophisticated. In 2020, for example, there were around 12,000 attempted ransomware attacks on Malaysian SMEs. Over in Singapore, according to the latest annual report by the Cybersecurity Agency of Singapore (CSA), ransomware incidents in the city-state rose an alarming 154% in 2020. Even the UN Security Council held its first public meeting about cyberthreats on national infrastructures.

Cybercrime has risen dramatically across the region during the pandemic. Photo:
Cybercrime has risen dramatically across the region during the pandemic. Photo:

During the pandemic, as more business operations go online and more teams work from home, the rise of ransomware can impact businesses regardless of size, location and industry.

Here’s what business leaders need to know about safeguarding their operations, employees and even customers against ransomware attacks.

What is ransomware and how can it harm business

Ransomware is malware that invades a company’s devices and encrypts operating systems and other data, locking businesses out of their own property. As the name suggests, cybercriminals then demand a hefty ransom to restore access. In the case of Kaseya, REvil sought a staggering US$70 million.

In many instances, ransomware can quietly invade systems and lie dormant for months before being activated. Thereafter, it can go on to breach other connected networks. According to IBM’s 2020 Cost of a Data Breach report, it can take an average of 280 days to even identify and contain a breach.

Newer, more sophisticated ransomware attacks can also involve blackmail. Cybercriminals may hold sensitive customer or business data hostage, threatening to publish it if the ransom is not delivered. As in the case of the Swedish supermarket chain, ransomware attacks can halt operations for days, destroy customer trust and damage brand reputation for many years to come. The IBM report also estimates that a data breach can cost a company an average of US$3.8 million.

Why ransomware threatens businesses of all sizes

While Kaseya is a relatively large enterprise, cybercriminals can threaten businesses of all sizes, including SMEs. In a recent interview with the Business Times, CSA chief executive David Koh said, “SMEs are part of the supply chain, servicing larger companies and the government. If people are trying to attack a large company, they may go through an SME because the reality in this domain is that it’s the weakest link.”

Working from home
Remote teams create vulnerable devices and networks. Photo:

The CSA report said Singapore’s 2020 ransomware incidents affected SMEs, as well as the manufacturing, retail and healthcare sectors. The report also pointed out that hackers are particularly focused on targeting supply chains and system weaknesses that have resulted from an increasingly remote workforce.

LEARN MORE: Affordable cybersecurity for your organisation with TM ONE CYDEC


How companies can limit ransomware threats

In many cases, the shift to remote working has resulted in security holes that leave companies vulnerable. Many breaches are avoidable when employees and business leaders are educated in basic cybersecurity hygiene. Individuals should always implement two-factor authentication wherever possible, and ensure their passwords are strong and not reused. At the company level, devices should not be operated on public networks, and software should be updated in order to benefit from the latest security measures.

Companies must also identify, protect and back up all systems and other business-critical assets and customer data. A usable back-up might mean that your company resume operations without paying the ransom. In fact, the CSA recommends not paying the ransom, as doing so identifies you as a soft target, vulnerable to repeat attacks.

At the organisational level, all businesses should have an emergency plan for business continuity in the event of an attack, and a reporting structure so that suspicious activity can be escalated immediately.

Cybersecurity partners for SMEs and enterprises

According to a 2019 survey by Singapore’s InfoComm Media Development Authority (IMDA), only 42% of enterprises that use the internet have cybersecurity measures in place.

Meanwhile, national security experts Benjamin Ang and Teo Yi-Ling from Nanyang Technological University advise that given ransomware’s ability appear dormant, companies should assume they have already been infected and check systems regularly.

In-house IT teams have too much on their plates to take on proactive cybersecurity needs. Photo: Shutterstock

At most companies, preventative responsibilities end up falling on the IT staff. But keeping abreast of ever-evolving cybercrime methods is a full-time job that most business leaders are unwilling or unable to allocate human resources and funding for.

In Singapore, there are resources made available by the government under the SMEs Go Digital Programme, as well as a Digital Resilience Bonus for food and retail businesses. The CSA is developing toolkits and cybersecurity certifications, to be made available by next year. In some cases, the CSA can also assist in decrypting.

Ultimately, though, prevention is better than cure, and outsourcing cybersecurity to reliable third-party experts is both affordable and safe. TM ONE, the enterprise and public sector business solutions arm of Telekom Malaysia Berhad (TM) is a leading regional cybersecurity partner, protecting data, identity, networks and devices through its TM ONE CYDEC programme.

Experienced in healthcare, finance, government and enterprise sectors, TM ONE CYDEC tailors cybersecurity solutions to needs and budgets of all sizes and provides continuous, real-time and predictive security. Its key services include Digital Risk Protection, Managed Security Services (MSSP), Managed Detection and Response (MDR) and Managed Unified Threat Management (MUTM).

LEARN MORE: Why businesses of all sizes need cybersecurity measures


By partnering with TM ONE CYDEC, businesses benefit from up-to-date knowledge on evolving cyberthreats, careful audits of system vulnerabilities as well as compliance with existing government guidelines on consumer privacy. Where companies already have IT teams that do some cyberthreat management, TM ONE CYDEC integrates with existing systems to maximise protection.

Whether you’re a huge enterprise or a new online retailer, two things remain the same: the growing need for digital agility and hygiene, and the rising threat of sophisticated cyberattacks. Complement your growth with careful protection.

To explore what a tailored cybersecurity partnership between TM ONE CYDEC and your business might look like, ask for an appointment at their official website.


The post What businesses in SEA need to know about ransomware appeared first on SilverKris.

from SilverKris

No comments:

Post a Comment