Britain’s cyber spies are joining forces with the military to hunt down ransomware gangs, but how do you police the darkest corners of the web?
The UK Defense Ministry is building a £5bn ‘digital warfare’ center capable of launching cyber attacks against hostile countries. The cyber spies at GCHQ may also deploy National Cyber Force hackers to track rogue gangs who freeze computer files and demand a ransom to restore access. While the details are top secret, cyber spies generally block phone signals or disrupt the servers of online criminals.
The UK isn’t the only country taking the initiative. The Biden administration wants to enlist 30 countries to fight cyber crime and the illegal use of cryptocurrency.
While the governments gear up, there’s plenty companies can also do to battle ransomware gangs. (See SPYSCAPE’s Top 10 Tips below.)
The bolshy FBI and GCHQ offensives aren’t without risks, however. The new tactics could trigger a tit-for-tat online war and some experts would rather see a workable criminal justice system developed for cyber.
“If we don’t make it more difficult for threat actors they will continue to proliferate. Without the proper governance, law enforcement and intelligence agencies have their hands tied and threat actors and hostile nations know this,” said Shawnee Delaney, an insider threat subject matter expert, SPYEX consultant, and former clandestine ops officer for the US Defense Intelligence Agency.
“These agencies tend to be historically reactive rather than proactive,” added Delaney, CEO of Washington, D.C.-based Vaillance Group. “With many threat actors operating in permissive environments where other nations are not able to extend the rule of law, beating them at their own game might just be key.”
Delaney and others want to see more modern, relevant cyber laws and cooperation among nations but, until then, what steps can companies and individuals take to protect themselves?
SPYSCAPE’s Top Tips to Fight Ransomware Attacks
1. Run frequent backups of data and save it on a separate hard drive or server so it is isolated.
2. Hire an IT security professional in-house or an outside provider to tighten security and educate employees about signs of a potential attack.
3. Use up-to-date antivirus and anti-ransomware software and other tools.
4. Assume the worst will happen. Draw up a business continuity plan that includes data backups and/or disaster recovery.
5. Secure mobile devices. Ransomware can infect cell phones through downloads and fake apps.
6. Never click on unsafe links, particularly in spam messages or on unknown websites, and don’t open suspicious email attachments.
7. Don’t use unknown USB sticks or any other device to store your files if you don’t know where they came from.
8. Educate yourself about ransomware and malware. There are plenty of online resources including SPYSCAPE's Malware 101 introduction.
9. Ensure home computers and personal devices that interact with company computers are safe using SPYSCAPE’s Top 10 Online Safety Tips.
10. In the event of an attack, immediately isolate the malware infection to stop it from spreading by separating infected computers that share storage and the network with computers that are not infected.