Dr Patrick Scolyer-Gray 29 Sep. 2021
The discussion so far has dovetailed into an argument for how techno-centric cybersecurity and HCCS can (and do) work together to resist and repel cybercrime, and although it is great to have a strategy for what we need to do, we need to remain cognisant of the sobering reality of our predicament: the ransomware crisis is far beyond the scope and capabilities of any single company or organisation.
Apart from shamelessly plugging the human centric cybersecurity (HCCS) capabilities offered by 460degrees, my point here is to demonstrate there is a way forward that works without intruding upon or siphoning from starving cybersecurity budgets.
As contradictory or heretical as it might be to the capitalist dictums of market capture, what I am proposing is we pursue cooperation based on our common interest in preserving the nation and the viability of business for all.
In addition to integrating HCCS into as much critical infrastructure as fast as possible, we also need to alter the field of play that is currently heavily skewed in favour of cybercriminals.
We have a discourse to overcome that is backed by empirical evidence and goes something like this:
When you are hit with ransomware then you are in a lose-lose situation that can only be assessed on a spectrum of terrible to irretrievable disaster. It is imperative that we counter this perception through effective deployment of preventative measures (a speciality of HCCS) and we need to lose the defeatist attitude and replace it with something more aggressive. Think of it this way: When was the last time a large group of people found themselves besieged and walked away from the conflict victorious by being apathetic about the situation and their adversary?
At present, the financial calculus of ransomware attackers is fantastic. It’s cheap and easy to acquire and deploy ransomware, lots of people are doing it and relatively few victims are reporting it – even fewer when an attack is underway. Attackers need not worry about attracting too much heat or attention from authorities and, most importantly, the majority of victims keep paying the ransom!
Better still, with all the high-profile media coverage of ransomware attacks, everybody now knows that no matter how massive a company might be, if you work hard and have an eye for detail, you can expect to successfully extract millions of dollars from any organisation you like.
So much for “we will not negotiate with terrorists”.
We are also dealing with a low-risk, high-return cybercrime that any muppet can execute with a bit of time invested in watching tutorials on YouTube combined with a little help from Google.
Unless we want said muppets to become a new kind of wealthy ruling elite, we must immediately pursue radical changes in our human centric and technological cybersecurity strategies to make sure ransomware stops being a practical and/or financially viable way for cyber threat actors to make money.
It is time to accept that multiple parties have roles to play here, it’s time to cooperate and accept that mistakes have been made. Let’s just skip the blaming and finger-pointing and get on with combating the ransomware, shall we?
A first step would be to invert our focus from perimeter defences and technological layers of security to a revised paradigm where we strengthen people and improve their working relationships with the cybersecurity tools they have at their disposal.
For example, we have seen some promising results in countering ransomware attacks by using endpoint protection software and other technology. But this requires staff comprehension and adoption (HCCS) and proper configuration to perform the task required (conventional cyber).
Enhancing cyber resilience depends on the seamless integration of conventional and human centric cybersecurity, but it is entirely achievable and produces exceptional results.
In sum, no matter how you look at it, fighting the ransomware crisis threatening Australia’s critical infrastructure requires we immediately put HCCS centre stage. And, since the vast majority of ransomware is delivered via email, the most important defence against ransomware for any organisation becomes its staff – the human element.
Unfortunately, this has not yet become the mainstream understanding of the ransomware crisis in government or industry; they continue to bubble wrap critical infrastructure in as much cybersecurity tech as possible.
This is futile: even with the best defences in the world, all it takes is one person to click one malicious link or download one attachment for ransomware to annihilate an organisation. For Colonial Pipeline it was one weak password.
Bottom line: we can do this the easy way, the hard way, or not at all. The HCCS team at 460degrees are poised to operate in all three of those environments. Are you?
This is the fourth in a series of four articles tackling ransomware. You can view the other articles in this series here:
Article One: Australia’s Ransomware Crisis
Article Two: Ransomware: what technologists don’t want to hear
Article Three: Techno-Centric Cybersecurity and HCCS: Can’t we all just be friends?
Human-Centric Cybersecurity Champion, Dr Patrick Scolyer-Gray, shares his knowledge and experience on all aspects of cybersecurity.