Global corporations and Governments have seen an unprecedented surge in ransomware attacks which are wreaking havoc across the board. These attacks are becoming complex, sophisticated and frequent; leading to financial loss, disruption in business continuity and breach of confidential data. To mitigate businesses falling prey to cyber criminals, EY Fraud Investigation & Dispute Services has launched a Ransomware defence and remediation tool (Radar 360) which is directed at protecting digital assets (computers and laptops). Managed by its Forensic Technology & Discovery Services arm, the unique solution not only mitigates potential attacks but also helps in recovering encrypted data, without paying off the ‘ransom’, if an incident has already taken place.
Ransomware is a variety of malware which is targeted to extort money through primarily crypto currencies such as Bitcoins, by locking computers and data. It can cause damage even without the need for administrator or elevated access to computers. With new variants of ransomware springing up frequently, standard security techniques prove insufficient; leaving organizations and departments struggling for answers.
Paul Walker, Partner and EMEIA leader of EY’s Forensic Technology & Discovery Services states, “Cybercrime has become a business critical issue affecting global organisations and cyber criminals are increasingly deploying devastating forms of malware to isolate and steal sensitive data. The security of these cyber assets is a key focus area for us and we are constantly investing time and resources to build solutions to assist our clients. Through our solution, Radar 360, we are able to help organizations to recover their data post – attack and provide safeguards from future ransomware attacks”
EY’s solution has been effectively deployed at a number of organisations. This has helped these organisations prevent and remediate ransomware related incidents.
Roger Tyler, Chief Executive Officer, Blink Medical, a high-tech medical device manufacturer in UK said, “Ransomware is a serious threat that can disrupt business operations. We engaged EY to help us implement necessary technology and processes to protect our business operations from such cyber threats. By using EY’s unique solution, Blink Medical has been successful in dealing with ransomware and protecting our business against such complicated threats. We are now prepared to effectively deal with and respond to such incidents in future.”
Amit Jaju, Executive Director, Forensic Technology & Discovery Services, EY India adds, “Ransomware is one of the most dangerous cybercrime threats today. It spreads rapidly by exploiting vulnerabilities or human error and impacts systems in an irreversible manner. Radar 360 is a unique solution in the market which provides a holistic approach to deal with ransomware by including both defensive and remediation measures. We have successfully delivered this solution to clients in critical situations, when other options proved inadequate.”
Recently, there have been multiple reports where computers belonging to private as well as Government offices were infected with ransomware. This made the data inaccessible unless the ransom, in the form of Bitcoins, was paid. The subject of paying ‘ransom’, sometimes to the tune of millions of dollars, to cybercriminals is controversial but the lack of alternate solutions has made this the only choice available to businesses to recover their lost data. It has been reported that US $325 million has been lost due to just one family of ransomware called “Cyryptowall”. Based on EY’s experience, the first ransom demand per computer would range from US $ 500-1000 with a window of 8-24 hours, after which the ransom demand goes up. It has been a huge problem for businesses as there is no guarantee that they will be able to recover the data after paying the ransom. In many countries, paying ransom is illegal.
EY’s Radar 360 has two main components on the proactive and reactive sides. The ‘Defence’ module protects computers against both known and unknown ransomware and malware. The framework called ‘EY Radar defence diagnostic’, assists businesses in measuring and rectifying issues. These may relate to procedures, technical controls and overall awareness to deal with such complex cybersecurity threats, along with setting up an incident response plan. The reactive module, ‘EY Radar remediation’ recovers lost data after a successful ransomware attack, without the need for paying any ransom to the hackers.