High-profile cybercrime such as data theft, ransomware and computer hacks seem to be occurring more frequently and with higher costs, but cloud computing may provide the security that companies are searching for, experts suggest.
“Cloud computing improves IT security and security professionals need as much help as possible,” said Nick McQuire, vice president of enterprise research at CCS Insight.
“Cloud helps security operations respond quicker to threats and focus on business risk as opposed to spending countless hours researching threats and trouble-shooting aging on premises systems,” he told CNBC via email.
The cost of cybercrime is mounting. Research by Kaspersky Lab found the cost of a single ransomware incident (where an attacker encrypts a computer or network until a ransom is paid) can cost a company more than $713,000 on average, due to the costs of paying the ransom and related losses, such as value of lost data, the expense of improving infrastructure and repairing brand image. The recent “ExPetya” cyberattack hit more than 12,000 machines in over 65 countries.
“The average ransom demand we would estimate now is a little over $300. Not insignificant, but all the costs associated with cleaning up, restoring a back-up, making sure the network is functioning, can push that much higher,” David Emm, principal security researcher at Kaspersky Lab, told CNBC during a phone interview.
Despite the cost of cybercrime, many companies are not fully prepared to address this threat. Only 21 percent of 200 small- to medium-sized U.S. businesses said they are completely ready to manage security and protect against threats, according to an online survey by security provider Webroot published on Tuesday.
The lack of concern about ransomware is leaving a gaping hole in the security of businesses, according to Adam Nash, EMEA regional manager at Webroot.
“Small- to medium-sized businesses can no longer afford to put security on the back burner and need to start engaging with the issues and trends affecting the industry,” he said in a press release.
Philippe Very, professor of strategic management and head of faculty at EDHEC Business School, suggests that cloud computing can be safer for a company than investing in its own cybersecurity.
He says the dominant actors in the cloud computing space, such as Amazon, Microsoft, Google, IBM and Oracle, have business models which cannot afford to be disrupted by data breaches, which means they should be among the most secure companies in the world.
“If you sign a contract with Amazon, for instance, I would say you’ve signed a contract with a highly secured firm. This could be an incentive to invest more in the cloud, or transferring more company information systems to the cloud,” he told CNBC during a phone interview.
“It’s quite complex to prevent everything and be 100 percent secure. You cannot secure your information systems completely, but if you rely on cloud computing providers which are highly secured, it can be a good argument to contract with them.”
Very says the cloud computing providers have good internal practices, have high security around their core business and can use this knowledge in their other businesses such as cloud computing.
Cloud computing is already an attractive proposition for companies, as it can reduce costs.
“Companies are replacing investment with some kind of fee. This investment most of the time is difficult to scale and evaluate and you are always investing and investing and reinvesting in information systems. The main motivation for going to the cloud originally was not security, but this can become a key factor of success for cloud computing companies,” he said.
Cloud adoption escalated over the past 12 months as companies become more aware of the security benefits, according to CCS Insight’s McQuire.
“Established cloud vendors like Microsoft, Amazon and Google, have put eye-watering investments into the security of their infrastructure,” he said.
“This is much more than most businesses can afford and crucially, they have the talent in cyber security which all enterprises desperately lack as well.”
Ransomware attacks take two forms, according to Kaspersky Lab’s Emm. One form is extortion, where data is encrypted until the victim pays to get it back, and the other is targeted attacks focused on damaging data, such as the “ExPetya” attack.
“It wasn’t possible to get the data back, so clearly this was an attack designed to eradicate data rather than to try and squeeze money out of victims,” he said.
It is dangerous to pay the ransom as victims are unlikely to get the data back anyway, Emm says. The key to dealing with ransomware is limiting exposure and mitigating the risk. For instance, limiting data access rights within an organization reduces exposure. Segmenting the network and having a back-up of data will also achieve these aims.
Emm recommends the “No More Ransom” collaboration between Kaspersky Lab, McAfee, the Netherlands’ National High Tech Crime Unit and Europol’s European Cybercrime Centre, which helps ransomware victims to retrieve encrypted data. He says they have been able to decrypt data in around 30 percent of cases and helped around 29,000 people.
Cloud computing is still at risk from cyberattacks, warns Emm. While the cloud provides a good back-up of data, there’s a risk depending on when the cloud synchronizes with data affected by ransomware; if it synchronizes at the wrong time, the encrypted data could overwrite the clean data in the cloud.
“I’m not saying don’t use that as a storage medium. I would say maybe have different approaches. But definitely include in that mix a back-up to a physical storage device, such as a USB or a server somewhere, but bear in mind that any ransomware on a system could look around at what drives are connected and encrypt data there too,” he says.
Source: Tech CNBC
How cloud computing could protect firms against ransomware attacks