Ransomware attacks continue to rage in countries like Japan and Singapore, where they are believed to remain a significant concern, particularly for the critical information infrastructure (CII) sectors. . Small and medium-sized businesses (SMBs) are also a growing concern as they are often under-resourced and more likely to fall victim to cyberattacks.
Mihoko Matsubara, NTT’s chief cybersecurity strategist, said in an interview with ZDNET that cyberattacks have increased in number over the past few years, and the past year was no exception.
The war in Ukraine has also raised questions from organizations in Japan about how it will impact the cyber threat landscape, said Matsubara in Tokyo, but noted that it was difficult to pinpoint. determine whether there is a direct correlation between the ongoing conflict and the growing number of cyberattacks. .
She added that most companies, as they digitize their operations, will have more IT assets and an expanded attack surface to defend, making it more difficult to protect their networks. against the onslaught of attacks. However, growing awareness of the potential risks has created opportunities for businesses and countries to strengthen their cyber resilience, she said.
Righard Zwienenberg, senior researcher at ESET, said the security vendor’s research showed a decrease in ransomware attacks this year, with phishing remaining the top threat, especially for companies in Japan.
However. Zwienenberg, who is also a member of the Europol European Cybercrime Center advisory group, said the figures do not necessarily suggest that hackers are turning their attention away from ransomware.
Instead, the reduction in the number of ransomware attacks may reflect a shift in the “business model” focusing less on lower-end companies and more on high-value businesses. higher with bigger wallets. This means hackers can demand higher ransoms from their target victims, he said, pointing to last year’s ransom demands ranging from $4.4 million in ransomware attacks. Colonial Pipeline of the United States, to $70 million with Kaseya and $240 million related to MediaMarkt.
And instead of blocking access to customer data or sensitive data, he added that cybercriminals are increasingly opting for extortion, in which they threaten to reveal victims’ data and notify the public. them about data breaches. This will cause more damage to the targeted organizations, including financial penalties for potentially violating local data privacy regulations and forcing them to pay a ransom.
Zwienenberg advocates the need for Regulations will stop organized from give in to demand ransomnote that there are never any guarantees giving in to such demands would result in to fully recover the stolen data or the hacker will delete the data log.
He also pointed to growing concerns about CII amid a shift in targeting towards these areas and cyber warfare, as a consequences of the war in Ukraine.
SMB needs help stopping attacks
Matsubara also expressed concern about an increase in ransomware attacks targeting hospitals in Japan as well as small and medium-sized businesses. Citing Japan’s National Police Agency, she noted that more than half of the companies affected by ransomware attacks are SMBs, compared with a third being large or large Japanese organizations.
With SMBs an integral part of the global supply chain, she urges governments and industry players to work together and identify ways, beyond funding, to better deliver support consolidation of SMB‘ business continuity capabilities. For example, the Tokyo Metropolitan Government has implemented a unique program Japanese campaign includes a series of comic book-style guides to help SMBs better visualize cybersecurity attacks and how they should mitigate and respond to threats, such as ransomware and compromised business email.
However, Matsubara noted that the ongoing conflict in Ukraine has prompted more dialogue between the government and their local industries, as part of an effort to exchange information about the threat. . This is encouraging because the public sector is not always willing to share information in the interest of national security, said Matsubara, who previously worked at Japan’s Ministry of Defense and served on the R&D policy committee. government cybersecurity, said.
Noting that cybersecurity is a global challenge, she said defense departments increasingly need to engage with the public and business leaders so they can help local industries strengthen their defenses. protect your network and protect your infrastructure better.
She added that ensuring there is a bridge between the public and private sectors will also help shape practical regulations and policies, and ensure technologies can be developed in a timely manner. and efficient.
It will further encourage incident reporting and mutual threat information sharing, as businesses won’t feel it’s an unfair one-way transaction and will have more peace of mind that insights Theirs is being taken seriously, she said.
When asked how countries have dedicated cyber defense units like Singapore To ensure these are effective, Matsubara once again emphasizes the need to share cyber intelligence between different ministries and sectors, especially CII operators. There should also be regular joint cybersecurity drills between government agencies, CII companies and cyber defense units to test their incident response capabilities.
Indicates the ransomware attack has taken down American Colonial Pipeline Last year, she said the case demonstrated that financially motivated cybercriminals targeting a specific company can cause significant damage in other sectors as well as the rest of the country. Other countries may also be affected as there are no borders in the cyber sector.
She said the pervasiveness and interdependence of CII sectors, such as transportation and energy, further underscores the importance of governments and industries engaging in intelligence sharing and intelligence sharing. joint exercise on network security.
However, socio-political tensions such as the ongoing Sino-US trade war could cause further complications for the global ecosystem, especially if it leads to decoupling technology infrastructure.
That means organizations will have to support more protocols to ensure interoperability, potentially leading to more exploits and more patches to deploy, Zwienenberg said. Businesses–especially SMB–takes too long roll out fixeswith known exploits sometimes go unpatched for months, he said, noting that old exploits like Wannacry still infect systems today.
RELATED INSURANCE
