It only takes 2.13 seconds for ransomware to deploy and seize complete control of a company’s or individual’s database, but getting that information back could take months.
In addition, the attack could result in a financial loss, which could be compounded by the cost to fix the breach.
Ransomware is a type of malware scammers use to block or limit access to devices or files for which they will then demand ‘ransom’ payment to unlock.
Cayman has been lucky when it comes to such attacks, though John Watson, head of the RCIPS Cyber Crime Investigation Unit, said companies and the community need to enhance their cyber security to maintain that good track record.
Corporate attacks are not reported, though, which Watson said poses a significant challenge to overall cyber security.
“The key to preventing cyber attacks is understanding what the tactics, techniques, and procedures that the bad actors are using, together with the indicators of compromises that they’re using … that is IP addresses and other email addresses,” Watson told the Cayman Compass after speaking at the third annual Security BSides Cayman Islands conference, held from 29-31 Oct. at the Kimpton Seafire Resort.
He said having that information can be used to prevent further attacks “by blocking those IP addresses, by understanding what particular techniques they’re using to defeat them”.
Watson also noted the high frequency of cyber attacks.
“Every network in the world gets some sort of attack [as] a daily event. Most are defeated because they’re quite low level. But still there’s stuff we could learn from, there’s IP addresses that we could share with small and medium enterprises who do not have the same capacity to protect themselves. We could put out public messaging,” Watson explained.
He pointed to the Ransomware.Live website, which tracks the victims of these attacks worldwide. Last month, there were 548 victims, compared to 394 incidents in October 2023, and 165 the October before that, according to the site.
Exploiting trust
He says there are many in the community falling victim to “social engineering” scams that use a clickable link to exploit trust and are always about getting money.
Cayman, he said, does not do enough to ensure cyber security.
Watson said there has been an increase in WhatsApp scams in particular, through which people have lost money, because the scammer involved preys on the trust of the target he or she is seeking to defraud.
“If in doubt, don’t do it,” Watson warned, as he addressed the issue at the conference.
Watson said “complacency is the enemy of cyber security” and urged attendees and the wider community to “trust nothing, verify everything” as attacks are getting more sophisticated, making them harder to spot.
While the Cyber Crime Unit has been able to track scammers, he said they cannot make arrests as these crimes are being perpetrated from countries like Russia and Nigeria, which are out of their legal reach.
Watson encouraged the community to keep reporting any attacks, especially those on companies, as getting this information is critical.
He stressed the importance of conferences like BSides which help to educate the community and presents an opportunity for the cyber-security businesses to come together to learn from some of the best experts in the world.
“We, the RCIPS, can’t do this alone. We look to the wider cyber-security community to assist us in what we’re doing and that’s why conferences like this are absolutely vital,” he said.
Everyone has a role
Cyber experts agree if Cayman’s individuals and businesses take steps to increase cyber security, the risk of falling victim to such attacks would be reduced.
“I’m always afraid that something has to happen before we start to secure ourselves,” Vlad Logvinov, known as the IT Guy, said at the 30 Oct. session as he tackled the issue during his presentation ‘Cybersecurity for regulated entities – “Baby steps” (small business edition)’.
Cayman has been fortunate so far in that while some small businesses have been compromised it has not been “a big deal” in the community, Logvinov said.
However, Logvinov, who is the co-founder of regulatory technology and IT concierge entities, said he is concerned that one day when “one intermediary gets really compromised, really hacked, that would be a snowball effect for the rest of the companies”.
Small and micro businesses may be challenged to engage cyber-security firms, but Logvinov said “baby steps” can be taken to protect not only themselves, but the community as a whole.
Those steps, he said, can be as simple as using Microsoft Defender, assessing existing risks and vulnerabilities, training staff on potential threats and putting clear policies and procedures in place if attacked.
He said engaging the community and companies in cyber-security training and increasing awareness could be good avenues to start fortifying Cayman against attacks.
“If we start with schools, we start with families, they will spill over into our companies,” Logvinov said.
Related Videos
