Oloruntimehin: Organisations Must Mitigate Ransomware Attacks

0

Cisco Country General Manager, Mr. Olakunle Oloruntimehin, spoke with Emma Okonji about ransomware and malware attacks, their effect on businesses, the solutions and how best to guard against future attacks. Excerpts:

Cisco recently released its 2018 Cybersecurity Report, which revealed how 94 per cent of companies surveyed around Middle East and Africa, suffered ransomware attacks in 2017. Can you share more details about the report?

The report is the outcome of a survey conducted on 3,600 Chief Information Officers (CIOs) around Middle East and Africa, Nigeria inclusive, which highlighted increase in ransomware attacks on businesses. The Cisco Cybersecurity Report identified the evolution of ransomware as one of the most significant threat developments over the past year. The report also highlighted that malware had become more vicious and harder to combat and that attackers are developing more skills in creating malware that can evade traditional sandboxing. It also revealed that adversaries are increasingly embracing encryption that is meant to enhance security, to conceal command-and-control activity and that nearly half of the security risk that organisations face stems from having multiple security vendors and products.

As an IT networking company, what is the interest of Cisco in cybersecurity report, which it has consistently invested in for the last eleven years?

We have been involved in cybersecurity survey and report in the last eleven years and we are in it because it helps us manage our customers better and keep them abreast of latest development in the cybersecurity space.

What is your general view about the 2018 Cybersecurity Report?

The report has enabled us to see an increase in cybersecurity attacks, especially the ransomware attacks, malware attacks and phishing. It was also discovered that although there had been an increase in encryption of data, there was also increase in the volume of malware transmitted from encrypted data. For example in 2016, 38 per cent of data traffic was encrypted and 11 per cent was used to transmit malware, while in 2017, 50 per cent of data traffic was encrypted, but 70 per cent was used to transmit malware. So encryption is encouraging hackers to launch more attacks under cover, since the data traffic has been encrypted and people will not see what is going on inside it.

What  are the impact of ransomware attacks on businesses?

The impact is in multiple folds. It leads to loss of revenue, unavailable services, reputation risk, damage of data, downtime in businesses, among others.

Having highlighted the impact of ransomware attacks, how are businesses responding in mitigating the attacks?

As a technology company, we have always advised our customers to look at mitigation from three ways: The first is to invest in people to ensure that workers are fully educated to manage crisis from such attacks; the second is to invest in processes, and ensure that sustainable processes are in place to address malware and ransomware attacks, and the third one is to invest in technology that will prevent such attacks.

From the Cisco global cybersecurity report, which of the attacks is more prevalent in Nigeria?

We have various forms of cybersecurity attacks like ransomware,  malware and phishing, but the phishing is more prevalent in Nigeria. Phishing comes through malicious emails that come from people purported to have good reputation. We have also seen growing cases of web attacks. Although some of our customers experienced malware and ransomware attacks, but the frequency of attack is not as high as that of phishing and web attacks.

So how does Cisco protect its customers from any form of cybersecurity attacks?

Cisco is an IT Business to Business company and IT security is the key in the kind of business offerings we provide for our customers. In terms of market share, Cisco remains the number one in IT security market share. But globally, security is still in its fragmented state. So we are playing as the market leader in a fragmented security space. But for us, security is the key and we will continue to invest in cybersecurity in order to keep out customers informed with the latest trend in cybersecurity.

For us as Cisco, security is a prime focus, and our Talos intelligence group aim to help enterprises identify and understand attacks before they happen, while the output of Talos’ research is fed directly into the Cisco security product portfolio.

Cisco Talos has the industry’s largest group of security threat researchers in the world, comprised of world-class researchers, analysts and engineers.

They are reputable for blocking over 20 billion cybersecurity threats in one day.

What is the greatest challenge to cybersecurity in Nigeria?

The biggest challenge is the expanding threat landscape of cyberattacks. To address this, companies are beginning to move their data to the cloud, because we have security threats on premise and in the cloud and this has opened up a new frontier on how to deal with security issues.

Nigeria has cybersecurity law, which was signed into law in 2015. To what extent is the country’s cybersecurity law helping to address cybersecurity issues in the country?

The Nigerian Cybersecurity law is a good step in the right direction. Having had that document in place, the next thing is to create awareness about the existence of such laws as well as implement the policies of the cybersecurity law. We need to see the execution of the laws to serve as a deterrent to hackers who consistently launch cyberattacks like ransomware, malware

and phishing.

 

Nigerians have, over time, criticised the Cybersecurity law, describing it as a draconian law that is punitive. What is your take on it?

As responsible partners to government, we are always delighted to present our feedbacks on matters of national interest like the issues with the cybersecurity law. What we do is to share perspective from various countries were we operate and have local presence. So I believe in feedbacks and the feedbacks we get from people will spur government to do the needful concerning amendment and implementation of the country’s Cybersecurity law.

As IT security company, what is Cisco doing to mitigate cyberattacks, especially malware and ransomware attacks?

Like I mentioned earlier, Cisco has a global IT security company called Talos that generates trusted security intelligence globally. The cybersecurity information that we get from Talos, is used for planning purposes, as well as capacity building purposes. Such cybersecurity information we get from our partner, makes us to become fully prepared to address the challenges of cybersecurity across businesses in the country. It also makes us fully prepared to serve our customers better when it comes to issues of cybersecurity.

What are the common breaches faced by customers in terms of cybersecurity attacks?

Common security breaches are phishing, malware and ransomware attacks. We also have vulnerabilities in terms of operating the systems software. We also have direct attacks on the web, which most customers suffer from.

So how will you describe organisational downtime in relation to breaches emanating from cyberattacks?

Breaches are inevitable for organisations because hackers are developing new methods of attacks, even as IT security experts are trying to move ahead of the attackers. So it is important for businesses to invest in people, technology and processes in order to be on top of the game to mitigate online attacks of any form. All three must be combined together to fully address the challenges of online attackers. If an organisation has the best of technology solutions and refused to invest in its staff in terms of training and awareness creation, then such organisation will still get it wrong in the fight against malware and ransomware attacks.

What are the likely things that customers should look out for when trying to protect their data from malicious attacks?

Most organisations do not know when they are attacked. Some attacks must have been launched several months back before some organisations even know that they have been attacked. So it is always good for organisations to be sensitive to changes in their systems and there are some signs to watch out for to know if an attack has been launched. Organisations must be sensitive to behavioural change of their system. When systems fail to work the way they are programmed to work, there could be likely case of cyberattack.

What is your view about insider connivance in relation to cyberattacks and what must organisations do to avoid such situation? 

Not all cyberattacks are generated from the outside. There are cases where there are insider connivance, where disgruntle staff will connive with outsiders to launch attacks from within. But in all of that, Cisco has solution to checkmate the excesses of organisation’s staff and we can monitor them using remote control to find out what exactly they do when they are online at work. We also help organisations to build and develop security operation centres. We have tools that prevent insiders from unathorised access to certain areas of the organisations system.

The impact of cyberattacks on enterprise companies and small businesses cannot be the same. Does Cisco has solutions tailored towards small businesses that will help mitigate malicious cyberattacks?

We have solutions for both enterprise businesses and small businesses, but the best way for small businesses to survive all of these, in terms of cost of purchasing IT security solutions, is for the small businesses to buy solutions on pay-as-you-use basis, which allows them to pay for only the security solutions that they actually needed. As they scale up, they can expand their security solution portfolio.

Do you see cloud computing as a solution for mitigating cyberattacks?

Cloud is a service and not a location. Just like every other service, the cloud as a service comes with its own opportunities and challenges in mitigating cyberattacks.