Would you know what to do in a ransomware attack?

Would you know what to do in a ransomware attack?

Welcome to this week’s LEAP:IN newsletter. Each week, we unpack leader’s powerful quotes and decipher the tech landscape. With exclusive content from some of the world’s leading experts in AI, robotics, space, edutech, climate tech and more, read on to discover this week’s insights and subscribe to receive weekly updates direct to your inbox.

subscribe
 

This week we’re quoting…

Paula Januszkewicz (Founder and CEO at CQURE)

What Januszkewicz said:

“What we have to focus on nowadays [in cybersecurity] is not only monitoring of the components of the infrastructure, centralising them in one, and then having some smart technology that’s going to revise them — for example based in a cloud that is relying on machine learning or artificial intelligence detection. But also one that is going to tell us, in the best possible way, what kind of things we should do because we are under attack.” 

Do you know what to do if your company is attacked?

In 2021 a company fell victim to a cyber attack every 39 seconds (source: Techjury). And in 2022, estimates suggest there’s an attack every 14 seconds (source: DataProt). 

Which means it’s pretty important that every company has a post-incident recovery plan, and everyone involved in that plan knows what their role and responsibilities are. 

But a 2020 survey by Kaspersky found that: 

  • 45% of employees don’t know how to respond to ransomware attacks.
  • 37% were unable to define the terms ransom and ransomware.
  • Of those who’d experienced a ransomware attack before, two in five (40%) said they didn’t know the steps necessary to respond to an attack, and 30% said disconnecting a computer from the Internet would be the first step.
  • 68% felt that IT security teams were the people responsible for dealing with cyberattacks.

So basically, a worrying number of people wouldn’t know the best first steps to take if they learnt their company was under attack. 

What ARE the best steps?

It depends. Which is exactly why Januszkewicz is right — a security system that can intelligently identify the type of attack, and then provide users with guidance on what to do, is invaluable.

Generally speaking, there are a few steps that should be taken when a company’s hit by a ransomware attack, as detailed by a number of experts speaking to Forbes. But they’re not universal, and might not apply to you, depending on the type and extent of the attack and on the security system and team you have in place. 

  • Communicate and investigate to figure out the extent of the disruption, so you can build a response plan.
  • Check if the backup system has been breached (because if it hasn’t, as soon as the breach has been sealed, data can be restored and your company can probably avoid paying a ransom).
  • Isolate affected devices. As much as possible, team members should go through a rehearsed response to isolate devices from the network to contain the reach of the attack.
  • Inform team members, customers, and/or users right away. Don’t try to bury the breach — transparency is the best approach to maintain trust.
  • Similarly, let stakeholders know what’s going on.
  • Make a plan for your response. You might need to have negotiators on board to talk to the hackers, and you’ll need to inform law enforcement and plan your public response. Bring your whole team in on this so everyone knows what’s going on. 
  • Review and update procedures with your cybersecurity team or provider. Consolidate what you’ve learnt from the attack, and what could be done better next time. 

And in case you didn’t know…

A ransomware attack uses unbreakable encryption to target your data. It’s why companies often have to pay the ransom to get their data back (and it’s why you might not have to pay that ransom if your backup system hasn’t been breached). 

In 2020, one in three ransomware attacks was conducted by the Sodinokibi ransomware family, according to information from the IBM Security X-Force. But no, that doesn’t mean it’s a family business; Sodinokibi is Malwarebytes’ detection name for a subgroup of ransomware that attacks Windows systems. 

Watch the video: Paula Januszkewicz on cyber attacks and defense transformation

And…

Mohammed Al Barrak (CTO at Jahez)

What Al Barrak said: 

“There are still untapped opportunities that we can leverage using today’s technology, to take us to the total level to generate a digitised era.” 

The ‘end of work’ myth

For years, people have either feared or hoped that robotics will bring us to a point where human beings no longer have to work at all. And digital services tech adds more fuel to the fire for those who eagerly anticipate/dread (depending on your feelings on a life without work) the point at which we’ve created technology so efficient that we can all sit back and…do whatever it is we’d do if we weren’t working. 

Tony Dundon and Debra Howcroft (both Professors at the UK’s University of Manchester) dispel that myth in this co-written article, suggesting that it’s “more likely that managers will forego efficiency-generating gains from digital technologies because of a fear of losing control.” 

And writing for the Harvard Business Review, Ashley Nunes (a workforce productivity expert) said that tech doesn’t just create or destroy jobs, but transforms them instead — with the potential to either boost or reduce wages, change the type of labour that human beings need to do, increase safety and productivity, and reduce errors.

Nunes suggested that businesses that are integrating tech into their operations should consider these three questions:

  1. What can’t the technology do? “Technological valor may be dizzying but it too — much like humans — has limits. What are they?”
  2. What’s the impact of those limitations on the business operation? “Investing in tech can boost productivity, but only up to a point.”
  3. Does the cost of overseeing the tech make it a worthwhile investment? 

But while digital tech won’t end work, it can make life better

As Pew Research put it, “Living longer and better lives is the shining promise of the digital age.” 

And at the heart of that, and of the success and growth of all digital service technology, is communication. 

Digitisation facilitates fast and easy communication not just between people, but between different aspects of our lives. We can see and feel and leverage the connections between all the things we have to do and think about, and gradually piece together an easier, simpler way of living. 

Or at least, that’s the dream. 

A quick hop down a rabbit hole, to finish…

In that article by the two Professors we mentioned earlier, they wrote something about an ‘electronic cottage’. We couldn’t resist going down that rabbit hole, and this is what we discovered: 

A futurist named Alvin Toffler coined the term ‘electronic cottage’ in his book, The Third Wave, first published in 1980. And the electronic cottage appears to have been a clairvoyant description of post-COVID-19 life. It’s about (then non-existent) interconnected devices that enable people to work from their homes and build a new way of living and driving economic growth. 

Sounds…familiar.

Welcome to this week’s LEAP:IN newsletter. Each week, we unpack leader’s powerful quotes and decipher the tech landscape. With exclusive content from some of the world’s leading experts in AI, robotics, space, edutech, climate tech and more, read on to discover this week’s insights and subscribe to receive weekly updates direct to your inbox.

subscribe
 

Related
articles

It’s real: A positive relationship between art and tech

LEAP 2024 speaker Otto Plesner (Creative Director at RenaiXance) has a background in theatre and performing arts – and he’s using that creative foundation to imagine new ways for artists to engage with emerging technologies.  In his multi-sensory show The Art of Memory, he blends AI-powered visuals with evocative scents,

The space industry is making room for startups

Like space exploration itself, launching a project in the space sector has conventionally been something that only major players could attempt to do. But the industry is changing – and it’s making room for startups and small businesses to add new dimensions to business beyond this world.  Francesco Bongiovanni (CEO

In an ideal world: AI in education

Before he arrived in Riyadh for LEAP 2024, we caught up with Dr. Lin Zhou (SVP and Chief Information Officer at The New School).  Zhou joined The New School in 2019, following 20 years at IBM – where he was program director and innovation leader for Watson Education, leading it from