'Ransomware' is lurking - this is how you can save your startup

Earlier this year, hackers took control of computer system of three banks and a pharmaceutical company. They then demanded a ransom in exchange for decryption keys. It was no usual attack, but the dreaded LeChiffre ransomware.

To encrypt files, the hackers demanded one bitcoin each (around Rs 30,000) per computer for a total running into millions of dollars.

According to Symantec, India is the second most favoured destination for ransomware in Asia with the average number of attacks per day increasing 114 per cent to 15 attacks per hour. Almost 10 per cent of these attacks were crypto-ransomware – posing a threat to consumers and enterprises alike.

Also Read: Decoding the hacker attitude

“There is no antidote to many ransomware attacks. It’s impossible to decrypt the file once it’s hacked and encrypted. Only hackers can decrypt the files with the key,” says Sandeep Kamble, Co-founder of SecureLayer7, an integrated business information security firm that specialises in comprehensive IT security services.

He explained that recently, his client, who works with the ISP (Internet Service Provider) sector, suffered the ransomware attack and had to pay ransom for the key.

With various kinds of ransomware such as Reveton, Cryptolocker, Winlocker, and Cryptowall in operation, for many the antidote may not be available.

Attacks expose vulnerability

“The critical issue is… startups have no idea about how vulnerable they are to cyber-attacks,” says Harshit Agarwal, CEO and Co-founder of Appknox. The company offers solutions in automated testing tools for application developers and enterprises to help them identify and fix security loopholes in their applications. It works with companies like Paytm, Freecharge, Bigbasket, Swiggy, Times Internet, and Tiny Owl.

Also Read: Legal action against hackers and data theft

Harshit realised that many startups don’t care about even the basics of information security. Important data such as users’ credit card and personal information as well as critical data of the company are not rightly secured. Such casual attitude makes companies more vulnerable to ransomware or other kinds of online attacks.

Recently, one of the cab aggregators’ data, which happens to be Appknox’s client, was seized and hackers asked for ransom to release it. The company had no option but to pay up.

Cost of data breach

According to a report by Forbes, malware is infecting as many as 1,00,000 PCs a day around the world, with the demand that users pay the equivalent of $20 in Bitcoins to unlock their files.

According to an FBI report, the amount paid to ransomware criminals has jumped from $25 million in 2015 to $200 million in the first three months of this year in the US.

The Ponemon Institute’s 2015 Cost of Data Breach Study: Global Analysis reported that the fallout and clean-up efforts associated with data breach cost companies across the globe $3.79 million on an average.

The average cost paid for each lost or stolen record containing sensitive and confidential information has increased six per cent, jumping from $145 in 2014 to $154 in 2015. The average per capita cost of data breach is $217 in the US and $211 in Germany. The lowest cost is in Brazil ($78) and India ($56). The average total organisational cost in the US is $6.5 million and in Germany $4.9 million. The lowest organisational cost in Brazil and India is $1.8 $1.5 million, respectively.

Sector-wise, the retail industry’s average cost increased dramatically, from $105 last year to $165. On the other hand, the lowest cost per lost or stolen record is in the transportation industry, at $121, and the public sector, at $68.

Future of cyber attacks

According to the ISTR report, since 2013, cyber-attacks in India have evolved from law enforcement emails to crypto-ransomware. It adds that with growth in the "Internet of Things" (IoT) industry, vulnerability towards infections and new malware threats will only increase.

Also Read: Security is no more a luxury, but a necessity for startups

According to Shadab Siddiqui, Head of security engineering at Ola, as technology is evolving, so are cyber-attacks. It began with viruses, worms, DDoS, advanced persistent threats, to key and certificate-based attacks. Earlier, only websites were the targets. Now, mobiles are the new victims. Future targets will be IoT.

“IoT will become more vulnerable to attacks. And ransomware will extend to smart devices like coffeemakers, refrigerators, baby monitors, cars, wearables, and medical devices. Most wearables, which collect personal information, lack even basic security features,” adds Shadab.

Is there any solution?

According to experts, it’s impossible to build a perfect defence system and stop all attacks. However, one must take some preventive measures.

“The first and foremost recommendation is to follow OWASP Top Ten web application security measures. There should be proper checks on APIs. The second is encryption. The act of encrypting a database also reduces the incentive for individuals to hack the aforementioned database as meaningless encrypted data is of little to no use to hackers. And the third is back-end architecture, which should be strongly built,” says Harshit.

Besides, there’s a universal solution for ransomware which has existed for years. It's called Backup.

Today, cloud backup is the best way to protect your data and systems from ransomware – and more and more companies can take advantage of it via local service providers, hosters, and resellers. Experts suggest startups to use professional-grade data protection solutions to back up data and systems to the cloud on a regular, consistent schedule.

“Even if it’s impossible to build a full-proof defence system, companies can work to build resilience. Companies should consider the attack continuum and which technologies they need in place before an attack occurs, during an attack, and after the attack for systems remediation,” concludes Shadab.