Ransomware: a growing threat for businesses

31 August 2016

The latest Cisco Cybersecurity Report makes for interesting reading - and not just for cybersecurity professionals like myself. Among its major findings is that ransomware continues to dominate the malware threats faced by businesses: criminal gangs in particular have realised there's big money to be extorted from organisations desperate to restore access to their data.

For the uninitiated, it's perhaps alarming that many successful ransomware attacks are enabled through exploit kits, which themselves typically try to exploit a number of common vulnerabilities. In their analysis of the Nuclear exploit kit, for example, Cisco researchers found that vulnerabilities in Adobe Flash accounted for 80% of its successful exploit attempts.

More alarming still is that many exploits hinge on vulnerabilities for which there are already patches. In an analysis of 115,000 of its own devices on the internet and in customer environments, Cisco found that an astonishing 92% had unpatched vulnerabilities - and one in 10 had vulnerabilities first published more than 10 years ago.

As Cisco puts it, "the gap between the availability and the actual implementation of... patches is giving attackers ample time to launch attacks". On average, Cisco found, the products it sampled were running for five years with known vulnerabilities - something that, in the absence of internal resources to actively implement a robust patch management programme, really does make the case for a good managed services contract.

An extra layer - exploit protection for endpoints

There's an obvious warning here for organisations to ensure the timely application of updates and patches across the software and hardware estate, but organisations are complex and oversights happen: it's here that next-generation security products can offer an extra layer of defence.

As well as offering automated endpoint protection to block both known and unknown threats, some endpoint protection products are designed to prevent application vulnerabilities being exploited. Through methods such as memory corruption prevention, logic flaw prevention and malicious code execution prevention, security risks from unpatched applications and operating systems can be mitigated.

You can download the full Cisco Cybersecurity Report here. Cisco's findings underscore the importance of a more in-depth approach to security, spanning not just hardware and software, but all aspects of the business - including its fundamental processes and the training and management of staff.

As a Cisco Premier Partner, Ideal has the expertise to conduct a full security review and architectural audit of your systems to understand where you might be vulnerable, then recommend a course of action to mitigate those risks. To book an audit, or if you just have questions about security, get in touch.


Header image: Quinn Dombrowski/Flickr, Creative Commons

Post image: redtype/Flickr, Creative Commons