By Niall McConachie, regional director (UK & Ireland) at Yubico

Ransomware attackers are steadily upping the ante in their extortion demands and attempts, intending to unleash major disruption onto global organisations and critical infrastructures. In fact, statistics from 2021 revealed a significant increase in the number of high-profile security breaches, many involving devastating ransomware attacks. Now, over halfway into 2022, the frequency of these attacks is only expected to rise as ransomware groups are emboldened by their past success last year.

These recent ransomware trends – as well as other major cybersecurity concerns – have prompted the US Government to mandate increased cybersecurity practices by federal agencies to include multi-factor authentication (MFA) solutions. With this in mind, businesses of all scales should consider more advanced methods of cybersecurity protection to match, if not surpass, the degree of sophistication demonstrated by today’s ransomware attacks.

Choosing the right cybersecurity

All modern businesses should have procedures in place to protect themselves in the event of a major cyberattack event – particularly when it comes to a ransomware attack. A robust response plan needs to be put in place and made to include additional aspects of the business such as the need for insurance coverage, cyberthreat detection, business recovery, and what to do if recovery efforts fail. With so many different aspects to account for, it is important to ensure that the right cybersecurity solution also meets the unique needs of the organisation.

Many ransomware attacks start with phishing scams, credential stuffing, and other credential-stealing tactics, which can impose significant risks onto targeted companies. Cybercriminals have also proven their ability to bypass single-factor authentication and weak MFA security measures – allowing them to manoeuvre throughout an environment with less likelihood of detection. Modern FIDO-based protocols resilient to common attacks can support companies looking to adopt more robust forms of business-wide authentication. This includes hardware-based or biometric cybersecurity key solutions, for example.

Zero Trust is another cybersecurity measure to consider when defending against emerging ransomware risks. After the US government announced its Zero Trust Maturity Model executive order in September 2021, the adoption of Zero Trust initiatives had significantly increased amongst global organisations. Zero Trust initiatives create a fundamental change in how organisations view their cybersecurity – beginning with the presumption that all environments are hostile. Adopting this stance can help organisations significantly reduce the effects of a data breach due to there being a limited window of opportunity. With this approach, the concept of trust can only be gained through thorough inspection and strong authentication and must be re-established on a regular basis.

Additionally, the cloud offers a wide range of cybersecurity features and protocols. If used appropriately, the cloud can help large businesses with aspects of their cybersecurity that may be especially challenging, such as mitigating risks involving ransomware attacks and email takeovers. Ultimately, the combined use of the cloud, strong MFA, and federated identity can put organisations of all scales in the best position possible to successfully defend themselves from potential ransomware attacks.

Other areas in need of improved security

Global supply chains are in serious need of improved cyber protections to better mitigate emerging ransomware attacks. Therefore, organisations within the supply chain have the mutual responsibility to ensure the secure design, development, and operation of supply chain technology. Starting by implementing good data security practices using strong authentication, least privilege authorisation models, and robust integrity controls can help organisations to both establish trust and mitigate risks throughout the development process. Additionally, organisations that choose to use these technologies must comply with approved industry-wide practices – like Zero Trust for example – to make sure that the technology remains secure with resilient access control models, patching, and isolation.

Lastly, user privacy will be a continued focus for national and international regulators. It is predicted that by 2024, 75 per cent of global users’ personal data will be protected by modern data privacy laws – according to Gartner. With laws such as CCPA and GDPR – and the UK’s soon to launch Data Reform Bill – already in effect, the next challenge for organisations will be to navigate through the multiple data protection laws enforced by different countries.

Although current CCPA and GDPR regulations do not set modern authentication as a requirement, it is expected that further prescriptive requirements will be put in place as more nations establish data protection requirements of their own.

Ransomware attacks against the most critical yet vulnerable sectors are on the rise – with supply chains, schools, local governments, and hospitals some of the most heavily impacted. The immediate cause of these attacks is unclear. However, what is clear is that these attacks have managed to compromise weak and ineffective login security measures used by their targets. As the emphasis on cybersecurity is more crucial than ever, key stakeholders and business leaders must be proactive in better securing their data in order to prolong their business continuity. Only by choosing the right cybersecurity solution, protecting critical public services, and improving current data protection laws, can modern organisations have a better chance of protecting themselves from future ransomware attacks.