July 7, 2023 Under Siege: The Race Against Ransomware

The alarming breach of an Australian health insurer exposes the urgent need for unyielding proactive data security.

By Dimitri Nemirovsky, Co-founder, and COO, Atakama

Last year’s pulverizing attack on Australian health insurer Medibank is a prime example of how cybercriminals can exploit organizations and leak sensitive customer data. While Medibank stock immediately shed $1.8 billion in market capitalization in the aftermath, the long-term damage in terms of reputation and trust may be even more significant.

The attackers, believed to be linked to the Russian-backed REvil gang, gained access to personal data belonging to 9.7 million customers. They initially published 123 customer claims and posted 1,500 records, including patient details, after Medibank reportedly refused to pay a $10 million ransom. The cybercriminals then declared ‘case closed’ in a final data dump on the dark web, releasing several compressed files at a size of around six gigabytes. In recognition of the seriousness of the failure, the Australian parliament passed legislation that can result in up to $50 million in fines for repeated or serious data breaches.

These kinds of highly motivated cyber gangs are part of a global business operation that sees data theft and the subsequent threat to leak information as a standard operating practice. Their activity is lucrative, and business is currently booming. This massive breach sheds a harsh light on how organizations fail to protect critical data, leaving themselves vulnerable to data theft and extortion.

From Hostage to Hero: Confronting the Rise of Ransomware

As the debate rages on over the contentious issue of ransom payment, malicious criminals continue to hone their skills for future onslaughts. It is of utmost importance that businesses seize a moment of reflection and critically evaluate the validity of their current security practices. CISOs must urgently embrace innovative techniques and novel approaches to fortify their data fortresses, safeguarding their own invaluable information and their customers’ personal data. The time for complacency is over, and the time for resolute action has arrived.

In the ever-evolving realm of cyber threats, the rise of ransomware as a service (RaaS) and the emergence of affiliate networks have fueled a concerning increase in attack frequency. Startling reports indicate a 13% surge in ransomware incidents this year, surpassing the cumulative total of the past five years. As businesses transition to cloud infrastructure and embrace IoT networks for remote work, the potential attack vectors for cybercriminals have multiplied, leading to a surge in devastating ransomware attacks.

In this rapidly changing cyber landscape, organizations must swiftly adapt their data security approach. A single security oversight can have far-reaching consequences, especially considering the interconnectedness of supply chains that rely on people, systems, and applications across multiple organizations. Inadequate security opens the door to potentially damaging events.

Now more than ever, it is essential to remain vigilant and proactive. Organizations must prioritize robust security measures and stay ahead of evolving threats. By doing so, they can mitigate the risks posed by ransomware attacks and safeguard their valuable data and the trust of their customers.

Unleash next-level data protection

So, how do organizations safeguard their data effectively without severely hampering productivity?

The conventional suggestions of implementing multifactor authentication, utilizing robust passwords and password managers, and regularly updating software were once deemed sufficient to enhance security beyond the outdated castle-and-moat strategy. However, it is abundantly clear that relying solely on these methods is woefully inadequate for defending against modern threats. It is highly probable that numerous organizations, including Medibank, have already adopted these practices long ago.

Organizations must consider new approaches, using provably more secure methods. Encrypting sensitive data is an important element of this. But decentralizing the keys provides an additional layer of security that keeps sensitive data properly secured against even the most sophisticated data exfiltration attacks. For example, a decentralized, multifactor approach to cryptographic key management eliminates the threat of data exposure in a Ransomware attack. By adopting this Distributed Key Management (DKM) strategy, organizations can ensure their data is protected, even when identity and rules-based access controls fail.

Conventional centralized identity-based security and its downstream access controls give attackers a free pass to all data once they have acquired a set of credentials through social engineering or phishing. The centralized solution authenticates them as ‘trustworthy,’ giving them unfettered access to systems, databases, and files – just like any legitimate user.

Even if organizations utilize conventional data encryption techniques, data is still vulnerable to theft due to the centralized nature of this approach to data protection.  Once an attacker has infiltrated the system and commandeered the encryption keys, they can quietly extract, destroy, or augment data. 

Multifactor encryption defeats these threats by adopting a decentralized cryptographic key management strategy. Data is encrypted using high-strength AES-256 keys. A unique key is generated for each data file and automatically fragmented and distributed across physical devices. Authorized users then decrypt with a click without disrupting business or their workflow, preventing any trade-off between data security and accessibility.

With Multifactor Encryption in place, when malicious hackers manage to infiltrate an organization, their attempts to access the data in the files will be in vain, as they cannot reconstruct the encryption keys required for decryption. Without these keys, the data remains impervious to their prying eyes, eliminating any possibility of exposure. This paradigm shift in security acknowledges the grim reality that the complete exclusion of all malicious actors from the network is unattainable. Instead, the focus shifts towards thwarting breaches by effectively safeguarding the coveted information at the file level.

Alongside critical data protection, businesses must also have access to a robust solution for business intelligence in the realm of granular data security. One that caters to critical business reporting requirements, compliance obligations, operational decision-making, and anomaly threat detection. By leveraging advanced visualization, reporting, monitoring, and alerting, businesses gain actionable insights and enhanced control over their protected files, encryption events, and user activities.

Eliminate data exfiltration with next-generation data security

By adopting distributed key management, organizations fortify their defenses against malicious actors seeking to exploit vulnerabilities. This revolutionary approach ensures that encryption keys are securely stored, shared, and managed across multiple nodes, rendering them impervious to unauthorized access and manipulation.

The time for action is now. Embrace this paradigm shift in data protection and elevate your organization’s security posture to unprecedented heights. Multifactor Encryption, built on distributed key management, is a formidable defense against the relentless onslaught of cyber threats, providing the necessary shield for organizations grappling with escalating volumes of highly sensitive data. Failure to adapt is not an option—embrace these cutting-edge technologies and emerge triumphant in the ongoing battle for data security supremacy.

Dimitri holds BBA and MBA degrees from Baruch College and earned his JD from Brooklyn Law School. Prior to co-founding Atakama, Dimitri spent 15 years as an attorney, most recently practicing regulatory and enforcement law at Bingham McCutchen where he represented large financial institutions in high-stakes matters. Dimitri began his career at Merrill Lynch.

Subscribe to Industry Today