Dr Patrick Scolyer-Gray
29 Sep. 2021

Cybersecurity

The Ransomware crisis: It’s Time to Retake Control

The discussion so far has dovetailed into an argument for how techno-centric cybersecurity and HCCS can (and do) work together to resist and repel cybercrime, and although it is great to have a strategy for what we need to do, we need to remain cognisant of the sobering reality of our predicament: The ransomware crisis is far beyond the scope and capabilities of any single company or organisation.

Apart from shamelessly plugging the human centric cybersecurity (HCCS) capabilities offered by 460degrees, my point here is to demonstrate there is a way forward that works without intruding upon or siphoning from starving cybersecurity budgets.

Humans have survived and advanced because we are a cooperative species: We need to leverage that advantage

As contradictory or heretical as it might be to the capitalist dictums of market capture, what I am proposing is we pursue cooperation based on our common interest in preserving the nation and the viability of business for all.

In addition to integrating HCCS into as much critical infrastructure as fast as possible, we also need to alter the field of play that is currently heavily skewed in favour of cybercriminals.

We have a discourse to overcome that is backed by empirical evidence and goes something like this:

When you are hit with ransomware, you are in a lose-lose situation that can only be assessed on a spectrum from terrible to irretrievable disaster.

It is imperative that we counter this perception through effective deployment of preventative measures (a speciality of HCCS), and we need to lose the defeatist attitude and replace it with something more aggressive. Think of it this way: When was the last time a large group of people found themselves besieged and walked away from the conflict victorious by being apathetic about the situation and their adversary?

The barriers to entry for attackers are low

At present, the financial calculus of ransomware attackers is fantastic. It’s cheap and easy to acquire and deploy ransomware, lots of people are doing it and relatively few victims are reporting it – even fewer when an attack is underway. Attackers need not worry about attracting too much heat or attention from authorities and, most importantly, the majority of victims keep paying the ransom!

Better still, with all the high-profile media coverage of ransomware attacks, everybody now knows that no matter how massive a company might be, if you work hard and have an eye for detail, you can expect to successfully extract millions of dollars from any organisation you like.

So much for “we will not negotiate with terrorists”.

We are also dealing with a low-risk, high-return cybercrime that any muppet can execute with a bit of time invested in watching tutorials on YouTube combined with a little help from Google.

We need to raise those barriers

Unless we want said muppets to become a new kind of wealthy ruling elite, we must immediately pursue radical changes in our human centric and technological cybersecurity strategies to make sure ransomware stops being a practical and/or financially viable way for cyber threat actors to make money.

It is time to accept that multiple parties have roles to play here; it is time to cooperate and accept that mistakes have been made. Let’s just skip the blaming and finger-pointing and get on with combating the ransomware, shall we?

Going inside out, rather than outside in

A first step would be to invert our focus from perimeter defences and technological layers of security to a revised paradigm where we strengthen people and improve their working relationships with the cybersecurity tools they have at their disposal.

For example, we have seen some promising results in countering ransomware attacks by using endpoint protection software and other technology. But this requires staff comprehension and adoption (HCCS) and proper configuration to perform the task required (conventional cyber).

Enhancing cyber resilience depends on the seamless integration of conventional and human centric cybersecurity, but it is entirely achievable and produces exceptional results.

The frontline defence for any organisation is its staff

In sum, no matter how you look at it, fighting the ransomware crisis threatening Australia’s critical infrastructure requires we immediately put HCCS centre stage. And, since the vast majority of ransomware is delivered via email, the most important defence against ransomware for any organisation becomes its staff – the human element.

Unfortunately, this has not yet become the mainstream understanding of the ransomware crisis in government or industry; they continue to bubble wrap critical infrastructure in as much cybersecurity tech as possible.

This is futile: Even with the best defences in the world, all it takes is one person to click one malicious link or download one attachment for ransomware to annihilate an organisation. For Colonial Pipeline it was one weak password.

Bottom line: We can do this the easy way, the hard way, or not at all. The HCCS team at 460degrees are poised to operate in all three of those environments. Are you?


This is the forth in a series of four articles tackling ransomware. You can view the other articles in this series here:

Article One: Australia’s Ransomware Crisis

Article Two: Ransomware: what technologists don’t want to hear

Article Three: Techno-Centric Cybersecurity and HCCS: Can’t we all just be friends?
