Would you know what to do in a ransomware attack?

Welcome to this week’s LEAP:IN newsletter. Each week, we unpack leader’s powerful quotes and decipher the tech landscape. With exclusive content from some of the world’s leading experts in AI, robotics, space, edutech, climate tech and more, read on to discover this week’s insights and subscribe to receive weekly updates direct to your inbox.

subscribe
 

This week we’re quoting…

Paula Januszkewicz (Founder and CEO at CQURE)

What Januszkewicz said:

“What we have to focus on nowadays [in cybersecurity] is not only monitoring of the components of the infrastructure, centralising them in one, and then having some smart technology that’s going to revise them — for example based in a cloud that is relying on machine learning or artificial intelligence detection. But also one that is going to tell us, in the best possible way, what kind of things we should do because we are under attack.” 

Do you know what to do if your company is attacked?

In 2021 a company fell victim to a cyber attack every 39 seconds (source: Techjury). And in 2022, estimates suggest there’s an attack every 14 seconds (source: DataProt). 

Which means it’s pretty important that every company has a post-incident recovery plan, and everyone involved in that plan knows what their role and responsibilities are. 

But a 2020 survey by Kaspersky found that: 

• 45% of employees don’t know how to respond to ransomware attacks.
• 37% were unable to define the terms ransom and ransomware.
• Of those who’d experienced a ransomware attack before, two in five (40%) said they didn’t know the steps necessary to respond to an attack, and 30% said disconnecting a computer from the Internet would be the first step.
• 68% felt that IT security teams were the people responsible for dealing with cyberattacks.

So basically, a worrying number of people wouldn’t know the best first steps to take if they learnt their company was under attack. 

What ARE the best steps?

It depends. Which is exactly why Januszkewicz is right — a security system that can intelligently identify the type of attack, and then provide users with guidance on what to do, is invaluable.

Generally speaking, there are a few steps that should be taken when a company’s hit by a ransomware attack, as detailed by a number of experts speaking to Forbes. But they’re not universal, and might not apply to you, depending on the type and extent of the attack and on the security system and team you have in place. 

• Communicate and investigate to figure out the extent of the disruption, so you can build a response plan.
• Check if the backup system has been breached (because if it hasn’t, as soon as the breach has been sealed, data can be restored and your company can probably avoid paying a ransom).
• Isolate affected devices. As much as possible, team members should go through a rehearsed response to isolate devices from the network to contain the reach of the attack.
• Inform team members, customers, and/or users right away. Don’t try to bury the breach — transparency is the best approach to maintain trust.
• Similarly, let stakeholders know what’s going on.
• Make a plan for your response. You might need to have negotiators on board to talk to the hackers, and you’ll need to inform law enforcement and plan your public response. Bring your whole team in on this so everyone knows what’s going on. 
• Review and update procedures with your cybersecurity team or provider. Consolidate what you’ve learnt from the attack, and what could be done better next time. 

And in case you didn’t know…

A ransomware attack uses unbreakable encryption to target your data. It’s why companies often have to pay the ransom to get their data back (and it’s why you might not have to pay that ransom if your backup system hasn’t been breached). 

In 2020, one in three ransomware attacks was conducted by the Sodinokibi ransomware family, according to information from the IBM Security X-Force. But no, that doesn’t mean it’s a family business; Sodinokibi is Malwarebytes’ detection name for a subgroup of ransomware that attacks Windows systems. 

Watch the video: Paula Januszkewicz on cyber attacks and defense transformation

And…

Mohammed Al Barrak (CTO at Jahez)

What Al Barrak said: 

“There are still untapped opportunities that we can leverage using today’s technology, to take us to the total level to generate a digitised era.” 

The ‘end of work’ myth

For years, people have either feared or hoped that robotics will bring us to a point where human beings no longer have to work at all. And digital services tech adds more fuel to the fire for those who eagerly anticipate/dread (depending on your feelings on a life without work) the point at which we’ve created technology so efficient that we can all sit back and…do whatever it is we’d do if we weren’t working. 

Tony Dundon and Debra Howcroft (both Professors at the UK’s University of Manchester) dispel that myth in this co-written article, suggesting that it’s “more likely that managers will forego efficiency-generating gains from digital technologies because of a fear of losing control.” 

And writing for the Harvard Business Review, Ashley Nunes (a workforce productivity expert) said that tech doesn’t just create or destroy jobs, but transforms them instead — with the potential to either boost or reduce wages, change the type of labour that human beings need to do, increase safety and productivity, and reduce errors.

Nunes suggested that businesses that are integrating tech into their operations should consider these three questions:

1. What can’t the technology do? “Technological valor may be dizzying but it too — much like humans — has limits. What are they?”
2. What’s the impact of those limitations on the business operation? “Investing in tech can boost productivity, but only up to a point.”
3. Does the cost of overseeing the tech make it a worthwhile investment? 

But while digital tech won’t end work, it can make life better

As Pew Research put it, “Living longer and better lives is the shining promise of the digital age.” 

And at the heart of that, and of the success and growth of all digital service technology, is communication. 

Digitisation facilitates fast and easy communication not just between people, but between different aspects of our lives. We can see and feel and leverage the connections between all the things we have to do and think about, and gradually piece together an easier, simpler way of living. 

Or at least, that’s the dream. 

A quick hop down a rabbit hole, to finish…

In that article by the two Professors we mentioned earlier, they wrote something about an ‘electronic cottage’. We couldn’t resist going down that rabbit hole, and this is what we discovered: 

A futurist named Alvin Toffler coined the term ‘electronic cottage’ in his book, The Third Wave, first published in 1980. And the electronic cottage appears to have been a clairvoyant description of post-COVID-19 life. It’s about (then non-existent) interconnected devices that enable people to work from their homes and build a new way of living and driving economic growth. 

Sounds…familiar.

Welcome to this week’s LEAP:IN newsletter. Each week, we unpack leader’s powerful quotes and decipher the tech landscape. With exclusive content from some of the world’s leading experts in AI, robotics, space, edutech, climate tech and more, read on to discover this week’s insights and subscribe to receive weekly updates direct to your inbox.

subscribe