Cyber attack probability

by Mark Rowe

At the endpoint protection cyber product company ThreatLocker, CEO Danny Jenkins discusses why firms should also be worried – and what they can do to protect themselves.

It’s a probability – not a possibility – that you’ll be hit by a cyber attack in the next five years, whether you know it or not.

Ransomware is so advanced we’ve reached a point now where any company can be hacked. There are 4,000 confirmed ransomware attacks in the US every day – and the real number is considerably higher as most people do not report an attack unless they have to.

We’re at a tipping point and that’s a scary thought. The state of cyber attacks is so bad now that it actually keeps me up at night. But what worries me most is that other people are not worried enough. Or doing enough.

One of the most effective ways to bring down organisations is through a cyber attack – and entire wars are fought in the cloud today, but countries are struggling to find ways to defend themselves. Post 9/11, the US government drew a hard line and stated: “We will not negotiate with terrorists”. Whatever happened to that? US cities paid gangs and terrorists 2.1 million dollars in ransomware payments last year.

Morally, you should never pay out when ransomware strikes – but it’s easy to stand there and say that when it’s not your company. Entrepreneurs, justifiably, feel they have a duty to do what’s best for their business, whatever that may be. But this isn’t the debate we should be having. Instead, we should be arguing: why aren’t people putting controls in place to begin with?

For a long time, malware was a nuisance. The first and most famous case of disruption came in 2001 with the Love Bug Virus which infected one in every three businesses worldwide by spreading through email. We could see the potential of cyber threats back then. But it was more annoying than dangerous.

Today, malevolent software is a real business problem. And we need to step things up before it gets too late.

Big or small – you’re at risk

In a previous life, before starting ThreatLocker, I was paid to come into companies and break into their systems as an “ethical hacker”.

I learned very quickly that if your business has fewer than 100 staff, the door was open. There was never a company of that size I couldn’t get into.

I helped a school with its cybersecurity systems, and just to test how secure their systems were, I created a new email – Danny45678 – and asked all the teachers to send me their passwords for an “urgent systems update”. Within an hour, half the teachers in the school had responded with their details.

It just goes to show how important it is to educate staff on cybersecurity today. Computers don’t open bad programmes – people do. At the core of any cybersecurity solution, there must be measures in place to empower employees with the knowledge they need to steer clear of threats.

Small businesses tend to have fewer defence systems and may struggle to find resources/funding to train up staff on cyber knowledge. But big organisations have problems, too – these firms have thousands of employees who can open/download whatever they want without being monitored, which can put the whole company at risk.

Big or small – every business is vulnerable without the right protections.

The three main pitfalls for businesses in cyber security systems are:

  1. Malicious employees – people who are actively trying to steal the firm’s data

  2. Employees making mistakes – opening things they should not

  3. Software which grants open access to data – if you or your computer can access something, so can a hacker

And there are three main ways to stop an attack:

  1. Good staff – educated employees avoiding dodgy-looking emails and favouring a safety-first approach to downloading software/files

  2. Detection tools – using software that filters emails and employs antivirus to snuff out suspicious software

  3. Strict controls – putting physical limitations and restrictions in place to prevent people from opening anything unnecessarily, even if it looks safe

Having good staff and detection tools is great – but if you don’t have strict controls, it’s equivalent to setting up five house alarms and leaving the door unlocked.

The only true way to stay safe is through strict controls – allow only what you need and block absolutely everything else.

It’s this concept – Zero Trust – that can be the difference between an irritating hack and a devastating one…

The weaponization of software and how to fight it

In order to really embrace the idea of Zero Trust, it’s important to remember that malware and ransomware aren’t some otherworldly, unfamiliar entity. They’re just software. They speak the same language as any other piece of code. The only difference is the intention. Viruses will come disguised as typical software – except with malicious code built into familiar patterns on either side.

When you get your head around the fact that any software could be dangerous, the idea of Zero Trust begins to make complete sense.

Attackers may send blitz sieges or target firms specifically – but they only need to be invited inside once to cause a staggering amount of chaos. If they’ve found the tiniest crack of vulnerability, it’s game over.

Allowlisting and dual-factor authentication are your key assets in a Zero Trust defence. They will do more for your protection than detection tools because these defensive approaches are actively prohibiting any intervention by human beings.

Allowlisting will allow only the basic programmes required for the business to operate smoothly to run, and dual-factor authentication will put extra checks in place to determine whether the person attempting to access data is indeed who they say they are.

Cybersecurity has had to evolve rapidly to halt a more cunning breed of hackers – with huge organisations being taken down by the likes of WannaCry. We developed ThreatLocker because we recognised the necessity for this kind of next-level cyber solution – and we knew we were onto something good when our system successfully stopped WannaCry.

Cyberattacks will not stop; they will get worse. Hackers across the world – particularly from Russia, North Korea and China – are stealing and stockpiling data, and you will get breached sooner rather than later. That’s a fact.

It’s good to be scared, though. It’s this kind of thinking that will protect you. Trust nothing, block everything, and you can minimise the damage.



© 2024 Professional Security Magazine. All rights reserved.
