Businesses must take a more active ‘defence-in-depth’ approach to combat ransomware reprisal attacks 

The UK’s Financial Conduct Authority has written to London businesses urging them to reinforce their cybersecurity systems in response to rising tensions between Russia and the West, which in turn could lead to Moscow-backed hacks against banks.

The UK is preparing to impose economic sanctions on Moscow if Russian troops invade the neighbouring country of Ukraine. There are concerns that Russia could launch state-sponsored cyberstrikes against British businesses in reprisal.

Ransomware is already a significant threat to the UK economy. Earlier this week, the UK, US and Australia said in a joint statement that 2021 saw further increases in “sophisticated, high-impact ransomware incidents” originating from Russia and other former Soviet states.

Steve Arlin, vice president of sales for the UK, Americas & APAC at ProLion said, “Ransomware attacks have evolved and become more sophisticated in recent years. National governments and businesses alike must view ransomware as more than just data theft or an online shakedown by a cyber-crook.”

Countries can use ransomware in an unofficial capacity to strike at and harass rivals who they might not otherwise be able to hurt in conventional means, either through economic sanctions or military action. They can do so while denying any knowledge and responsibility of the attack.

The availability of affordable ransomware software has removed cost as a barrier that previously discouraged ransomware. Even novice hackers can now easily mount attacks.

Arlin continued, “With geopolitical tensions on the rise worldwide and ransomware solutions becoming cheaper and more readily available, the threat of more attacks against Governments – at a national and a local level – and companies of all sizes shows no signs of slowing down.

“There’s no way for any organisation to completely protect against ransomware. But that’s not an excuse to not take the initiative and be properly prepared. The emphasis must be on actively monitoring your network to counter threats – rather than reacting to breaches after they occur,” he explained.

“The most effective strategy for businesses is a ‘defence-in-depth’ approach that incorporates multiple layers of defence with several mitigations at each layer. You’ll have more opportunities to detect an attack, and then stop it before it causes real harm.

“Training staff on an ongoing basis to identify new ransomware tactics and techniques is equally important in a comprehensive security strategy,” Arlin added.

“By putting in place the right protections and counter-measures, an organisation can reduce the potential serious damage, disruption and cost caused by a ransomware attack.”