Companies need to brace for more destructive ransomware globally: Cisco

New Delhi: Organisations globally are unprepared for future strains of more sophisticated ransomware as fragile infrastructure, poor network hygiene and slow detection rates are providing ample time and air cover for hackers to operate, a new report said on Wednesday. According to networking giant Cisco's "Midyear Cybersecurity Report (MCR)," in 2016, ransomware has become the most profitable malware type in history and the trend will continue with even more destructive ransomware that can spread by itself and hold entire networks, and therefore companies, hostage.  "Attackers are going undetected and expanding their time to operate. To close the attackers’ windows of opportunity, customers will require more visbility into their networks and must improve activities, like patching and retiring aging infrastructure lacking in advanced security capabilities," said Marty Roesch, Vice President and Chief Architect, Security Business Group, Cisco, in a statement. According to the findings, the struggle to constrain the operational space of attackers is the biggest challenge facing businesses and threatens the underlying foundation required for digital transformation.  Other key findings include adversaries expanding their focus to server-side attacks, evolving attack methods and increasing use of encryption to mask activity.  "As attackers continue to monetise their strikes and create highly profitable business models, Cisco is working with our customers to help them match and exceed their attackers’ level of sophistication, visbility and control," Roesch added.  According to the report, new modular strains of ransomware will be able to quickly switch tactics to maximize efficiency.  For example, future ransomware attacks will evade detection by being able to limit CPU usage and refrain from command-and-control actions.  These new ransomware strains will spread faster and self-replicate within organizations before coordinating ransom activities.  On average, organisations take up to 200 days to identify new threats.  "Cisco’s median time to detection (TTD) continues to outpace the industry, hitting a new low of approximately 13 hours to detect previously unknown compromises for the six months ending in April 2016," the report added.  "This result is down from 17.5 hours for the period ending in October 2015. Faster time to detection of threats is critical to constrain attackers’ operational space and minimise damage from intrusions," it added.