10 worrisome ransomware predictions for 2019
February 6, 2019 7:29 AM
10 worrisome ransomware predictions for 2019
Many organizations—including those in healthcare—are not fully prepared for ransomware threats, say Rackware CEO Sash Sunkara and Chief Architect Todd Matter. "Ransomware is still a concern for good reason," Sunkara says. "We've really only seen the first wave of these attacks. Enterprises put processes in place to protect themselves in the wake of the initial attacks, but we've yet to see the worst that these attacks can do." There are 10 significant reasons for HIT security execs to worry, they say.
Ransomware won’t spare any organization
Enterprises of all sizes underestimate how vulnerable they are, but they can’t afford to make this mistake in 2019. When organizations don’t believe they’re a target, they don’t feel the need to put systems and processes in place to ensure they would survive an attack. And, the worst time to start thinking about it is in the midst of an attack.
Future attacks will be more sophisticated
Threat actors will only become more aggressive, and enterprises need to explore more sophisticated solutions. They’ll need a comprehensive option rather than a temporary fix if they plan to survive the threats that lie ahead.
Concern grows around cloud security
In general, clouds are as secure—if not more secure—than most data centers. However, cloud environments have the same vulnerabilities that data centers do. As ransomware threats become more sophisticated, cloud providers will need to continue introducing protective measures to protect healthcare and other data.
Cloud protection likely won’t go far enough
When an organization migrates workloads to the cloud, IT executives no longer have to worry about managing a physical data center, boxes or a network. But managing applications, monitoring performance and maintaining a level of security is shared responsibility between the cloud provider and enterprise IT. Cloud providers supply infrastructure, but it’ll be up to enterprise IT groups to ensure they have more security in place in 2019. If organizations don't have the right protections in place, it will only hurt the business because a service provider can walk away at any time.
Stealthier tactics will bring some enterprises to ruin
"We’ve worked with plenty of IT teams who thought that, if they were hit with ransomware, they would know about it right away," says Sunkara and Matters. Unfortunately, organizations that share this belief will experience data compromises in 2019. Threat actors are getting smarter, so intrusion detection and protection solutions aren’t optional. Hackers will infect an enterprise and let it go on for weeks or months before they make it known and, by then, it’s too late.
False positives will trigger uncertainty
Enterprises are implementing safeguards, but those won’t be effective if the alerts aren’t reliable. If threat detection solutions regularly flag every small thing, IT teams will eventually stop paying attention—putting them and the data they’re protecting at greater risk. Organizations will want to make sure they have a smart system that raises alerts when something is really wrong vs. sending out a high volume of false alarms.
Backup and protection plans are likely to fail
Enterprises that have protection or disaster recovery plans in place will still succumb to a ransomware attack if they don’t routinely test or validate for their environment. If organizations don’t test their solution, they might as well not one at all. "You need to know what you’ll do when everyone’s looking at you and you’re losing money by the hour,” Sunkara and Matters explain. IT executives need to proactively determine what to do in all scenarios so they’re not scrambling when an attack occurs.
To work, cloud segmentation must be optimized
A good monitoring system is critical, but enterprise cloud setups also will need proper segmentation if they hope to survive an attack. Organizations will need to ensure that an infection won’t impact their entire cloud environment in the event of a breach.
The likelihood of attacks will increase
As healthcare organizations and other businesses become more connected, and hackers become more motivated, the chances of the enterprise getting hit will increase. Threat actors are, unfortunately, making money off of these attacks, and that’s driving them to keep evolving. They’re discovering more opportunities to strike, which is only increasing the likelihood that operations will be affected if a plan isn’t in place.
Security will depend on a mastery of the basics
If enterprises don’t have the right detection or backup measures in place, they’re not necessarily doomed. Mastering the basics is a good starting point. That includes investing in intrusion detection and protection. Opening up to these kinds of mechanisms for prevention and recovery can help mitigate any new threats that are coming to cloud environments.
