The Necessity of Adaptation in Preventing Ransomware Attacks
On November 7th and 8th in The Woodlands, Texas, a conference on oil and gas cybersecurity was held to outline the key cybersecurity issues the industry faces today and how to tackle those issues and adapt for what the future of cyberattacks may hold. Michael Leigh, the global head of incident response at consultant NCC Group, held a session during the conference that focused on ransomware attacks. His central point came to be that the main reason the industry is so vulnerable to ransomware attacks is that companies aren’t “forcing adaptation.” He noted that hackers repeatedly use to the same methods and tactics to carry out these attacks and the only thing that ever changes is the vulnerabilities they exploit. If industry leaders truly want to put an end to ransomware attacks, they need to not only fix the vulnerabilities that hackers currently use as a means to carry out these attacks, but also constantly adapt and evolve their systems so that hackers must also constantly adapt if they want to find new ways to carry out ransomware attacks.
In other words, fixing known vulnerabilities is not enough, you must also frequently adapt your systems in order to “raise the bar of entry” for hackers in the first place. Leigh cited the “Red Queen” effect when explaining this concept which is the evolutionary hypothesis that organisms must constantly evolve not just to gain a reproductive advantage, but to also compete against predatory organisms or organisms that share the same resources in a changing environment.
We can perhaps also apply the concept of evolutionarily stable strategies (ESS’s) to Leigh’s ideas. It’s obvious to hackers that employing the same methods over and over again when carrying out ransomware attacks is an ESS because oil and gas companies don’t adapt their systems with the intent of making it more difficult to carry out such attacks, they merely patch up vulnerabilities after they’ve already been discovered and exploited. If these companies would simply adapt their systems frequently as Leigh recommended, their losses from such attacks and the payoff for hackers would be substantially reduced.
Sources:
https://www.spe.org/en/jpt/jpt-article-detail/?art=3598
https://en.wikipedia.org/wiki/Red_Queen_hypothesis#Etymology