ChannelLife Australia logo
Industry insider news for Australia's technology resellers
Story image

Examining the future of ransomware threats with Vectra’s CTO

By Contributor
Wed 6 Jul 2022

Article by Vectra chief technology officer Oliver Tavakoli.

In the last few years, businesses and security leaders have been zeroing in on how to better manage and secure cloud infrastructure amidst a wave of change as enterprise cyber-attacks evolve and increase.

Recent studies reveal that 80% of Australian organisations were hit with ransomware in 2021, up from 45% in 2020. Vectra's own research found that 57% of A/NZ respondents feel it is possible or likely they have been breached whilst being unaware it is happening, 75% have experienced a significant security event that required an incident response effort​, and 9% are not fully confident their security tools would protect against sophisticated attacks​.

As a CTO, a big part of my focus is the future, creating 'thought experiments' to determine the best ways to protect our critical data and systems. With planes back in the skies, I was delighted to speak at the Australian Cyber Conference earlier this month to discuss and debate some of these so-called 'experiments' with others in the industry.

Ransomware remains an important topic of debate among cybersecurity professionals in Australia and elsewhere in Europe and the US. The other consistent issue is related to supply chain attacks, including traditional on-premises products as well as services delivered via the cloud.

Within Australia, migration to cloud and SaaS, and the inability to source experienced talent who understand the security implications of clouds, are also connected issues. There is tension between businesses wanting to go agile through cloud adoption and security teams trying to gain visibility and implement security in those environments. In a perfect world, that tension is resolved in a balanced manner, but we don't live in a perfect world and often, the business imperative to rapidly roll out new services outstrips the ability of organisations to do so securely.

The problem with cloud

Not so long ago, on-premise networks were wide open to attackers, so this has been our focus. Now, employee traffic is predominantly accessing applications across the internet. This means we need to look at logs in cloud platforms such as Amazon Web Services (AWS), Azure and Google Cloud Platform (GCP), cloud identity systems such as Azure AD and Okta and collaboration applications such as Microsoft 365 and Google Workspace.

Highlighting how businesses are being inundated with cyber criminals looking to capitalise on vulnerabilities, the Australian Cyber Security Centre (ACSC) says it received one cybercrime report every eight minutes over the 12 months to June 30, 2021. On top of this, the ACSC states that Australia experienced a 13% jump in cybercrime over the year, with about one incident in four targeting critical infrastructure and services as working from home during the pandemic made more people vulnerable to
online attacks.

A common story is that the pandemic drove businesses to move into multi or hybrid cloud setups, not through a grand strategy but because of a pressing need. As a result, services such as Microsoft 365 or eCommerce platforms were implemented quickly, without consideration for how this impacted infrastructure or security. On top of this, different business units or departments often evolved in different directions, adding layers of complexity. 

Now we find ourselves at a point of reckoning where we must understand the reality of the situation and how to fix it.

Ransomware in the cloud

The move to cloud has left gateways for attackers to leverage and gain a point of entry, and they are beginning to take full advantage of this. On-premise, if a cybercriminal wants to encrypt a business's data, they must go through the laborious exercise of connecting to a server, pulling all data across the network, encrypting it and writing it back to the server – and finally deleting the original copy. 

To be successful, ransomware operators try and get their hooks into as many places as possible and encrypt as much as possible. In the cloud, ransomware operators can leverage server-side encryption provided in the cloud platforms, allowing them to encrypt data much faster and without heavy lifting.

At Vectra, we look at a cloud like AWS or Azure as having two different attack surfaces. There's the traditional attack surface where attackers go through the network to attack a workload running in the cloud, escape the workload, and then steal data. And there's the management plane or the control plane of a cloud platform which represents a more potent and less well-understood set of controls.

Recognising this, Vectra has solutions to cover both attack surfaces. We work to protect customers being attacked from the network, and we work to protect businesses from being attacked at the control plane of their tenant in a cloud. The inbound initial vector can be incredibly complex and varied, but once it lands and establishes some foothold in the environment, we help the business find and stop the incursion before it does actual damage.

Looking forward

As customers' valuable data move to the cloud, so will ransomware. So we are asking questions such as, what does the combination of cloud and ransomware look like, how quickly will attackers become cloud-capable, and what measures should we take now?

This was the focus of my presentation at the Australian Cyber Conference in Canberra and many of the surrounding conversations. Highlighting the early harbingers that exist, I looked at how we can protect ourselves against ransomware in cloud systems and why this is substantially different to the defensive measures required for on-premise.

By discussing such issues, I hope to encourage CISOs to bridge the worlds of security and business so investments can be prioritised and our infrastructure can be protected.

Related stories
Top stories
Story image
Tech job moves
Tech job moves - Cohesity, Equinix, IDC, Proofpoint & Xero
We round up all job appointments from July 29 - August 5, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
10 Minute IT Jams
Video: 10 Minute IT Jams - An update from Heidrick & Struggles
Graham Kittle joins us today to discuss how the company is helping organisations bring about change within their business.
Story image
Inde
Exclusive: Inde provides innovative solutions across the tech sector
Inde likes to call its approach the 'power of the collective', which essentially means that if a client approaches the company with a problem, they'll get the team's collective insight to help drive the best outcome.
Story image
Tablets & laptops
Hands-on review: Xencelabs Graphic Display Tablet
Xencelabs seemed to show up out of nowhere on the market. I had no idea who they were or what they were about, but I was very intrigued.
Story image
Tablets & laptops
Chromebook and tablet shipments see another rapid decline for the year
According to research from Canalys PC Analysis, Chromebook and tablet shipments have fallen for the fourth quarter in a row for Q2 of 2022.
Story image
i-PRO
VisualCortex and i-PRO partner for enhanced APAC deployments
VisualCortex and i-PRO have partnered to facilitate enterprise-wide Computer Vision technology deployments in APAC.
Story image
Artificial Intelligence
Runecast's award-winning platform future-proofs businesses
Runecast provides both security and operations teams with what a few industry experts have called a 'must-have' solution.
Story image
Partner awards
Vertiv recognises outstanding 2021 A/NZ channel partners
Vertiv has recognised the exceptional contributions that its Australia and New Zealand channel partners made to its IT and mechanical and electrical (M&E) businesses in 2021.
Story image
Gaming
Hands-on review: SteelSeries Apex Pro Mini Keyboard
SteelSeries has taken the design of its range of Apex keyboards to create a smaller version, the Apex Pro Mini. Techday’s Darren Price checks it out.
Story image
Check Point
Ransomware now impacts 1 out of 40 organisations a week
Retailers and the wholesale sector saw the largest spike in ransomware attacks, with an alarming increase of 182%.
Story image
Malware
Nozomi Networks Labs identifies impacts on 2022 threat landscape
Nozomi Networks’ latest research finds that wiper malware, IoT botnet activity, and the Russia/Ukraine war have had the biggest impact on the threat landscape in 2022 so far.
Story image
Hybrid Cloud
The essential guide to digital transformation by SolarWinds
Digital transformation is a buzzword thrown around all the time by companies, but what does it actually mean and why is it important? SolarWinds breaks it down.
Story image
CRM
Forrester names Pega a Leader in CRM Solutions 2022 report
Forrester Research has named Pega a Leader among 11 competitors in The Forrester Wave: Core CRM Solutions, Q3 2022 report.
Story image
Phishing
Top universities lagging on basic cybersecurity - report
Universities in Australia, the US and the UK are lagging on basic cybersecurity measures, creating higher risks of email-based impersonation attacks.
Story image
Phishing
Phishing, software vulnerabilities cause 70% of cyber incidents
The heavy use of software vulnerabilities matches the opportunistic behaviour of threat actors who scour the internet for vulnerabilities and weak points.
Story image
Cybersecurity
More than a fifth of cybersecurity teams ban the use of public WiFi
Verizon’s fifth annual Mobile Security Index report has revealed a continued rise in significant cyberattacks in the last year involving a mobile/IoT device.
Story image
Artificial Intelligence
Why smarter healthcare depends on data and automation
The pandemic has acted as a fierce catalyst for change. It’s strong-armed industries across the globe to embrace a world of new. Nowhere is that more evident than in healthcare.
Story image
Cybersecurity
Optic Security Group on Australia recruitment drive
Trans-Tasman security integrator looks to meet the twin challenges of high client project demand tight & labour market supply with new opportunities.
Story image
SAP
Microsoft unveils two new security products to help reduce attack surfaces
The products are set to give companies deeper insights into threat actor activity and help them successfully navigate the changing threat landscape.
Story image
Sustainability
Green hydrogen company Hysata raises AUD $42.5 million
Global investors are supporting Hysata's hydrogen electrolyser technology as the organisation closes its oversubscribed Series A funding round of AUD $42.5 million. 
Story image
Gaming
Logitech G’s new Aurora collection looks to help change gaming stereotypes
The company’s new Aurora collection is designed to be gender inclusive, not gender exclusive, addressing the needs and wants of women gamers while also still appealing to a wider general audience.
Story image
Wireless
Wave Audio delivers ultimate immersion with new wireless earbuds
Wave Audio, one of Australia's best new audio brands, has recently released a set of landmark noise-cancelling true wireless earbuds, the Immersive Pro.
Story image
Digital Transformation
Macquarie Telecom rolls out SD-WAN services for mycar Tyre & Auto
Macquarie Telecom says it has rolled out NBN and SD-WAN services to more than 270 mycar Tyre & Auto stores across Australia. 
Story image
Sustainability
Phronesis Security achieves B-Corp certified status
Phronesis Security has become the first cyber security company in Australia to achieve the coveted B Corp certification, having been certified since June 2022. 
Story image
Printers
Comedy legend Jimeoin fronts Epson advertising campaign in NZ and Australia
According to Epson the company’s EcoTank models now account for 74% of all printers sold in the category in New Zealand, alone.
Story image
SAP
OutSystems joins SAP PartnerEdge program, integrates solutions
OutSystems has become an official member of the SAP PartnerEdge program. This will make it easier for other businesses within the SAP ecosystem to discover and connect with OutSystems.
Story image
Infrastructure
Rimini Street announces new suite of security solutions for enterprises
Rimini Street has announced the launch of Rimini Protect, a new suite of security solutions set to provide a more comprehensive layer of security.
Story image
Wireless
Wave Audio spices up portfolio with first ever party speaker
Australian-based pioneers Wave Audio are enhancing their extensive range of groundbreaking new audio products by adding one of the most versatile speakers on the market to their growing portfolio.
Story image
Mobile Device Management / MDM
Claroty's Team82 uncovers two vulnerabilities in FileWave’s MDM system
Claroty’s research arm (Team82) has uncovered and disclosed two critical vulnerabilities in FileWave’s Mobile Device Management (MDM) system.
Story image
Biometrics
AU biometric security company achieves B Corp cert
Australian biometric security firm Daltrey has announced it has become the first cybersecurity vendor in AU to achieve the B Corp certification.
Story image
BAI Communications Australia
BAI Communications to help improve mobile coverage across regional NSW
Deputy Premier and Minister for Regional NSW Paul Toole said regional communities deserve reliable and affordable mobile services.
Story image
Data Protection
Video: 10 Minute IT Jams - An update from SearchInform
Alexey Pinchuk joins us today to discuss the role the company plays in helping organisations manage risk and provide better security outcomes.
Story image
Microsoft
SaaS sector in NZ thriving as a result of trans -Tasman partnerships
New Zealand's Software-as-a-Service (SaaS) sector is on track to be the biggest contributor to GDP this year, generating more than NZD$20 billion for the New Zealand economy.
Story image
Security vulnerabilities
Flashpoint says vulnerability disclosure ‘highly volatile’
Flashpoint has released The State of Vulnerability Intelligence: 2022 Midyear Edition, finding that the current state of the vulnerability disclosure landscape is ‘highly volatile’.
Story image
Compliance
Why security needs to shape your journey to the cloud
It's estimated that 80% of workloads could be in the cloud in the next few years. How can you make all that data secure?
Story image
Identity and Access Management
Pitney Bowes launches rebranded management offering in A/NZ
Pitney Bowes has launched Smart Access Management (SAM), its rebranded digital visitor and contractor management offering in Australia and New Zealand.
Story image
Data
Consumers will stop doing business over data practices
“Data privacy remains a concern for consumers when it comes to sharing their information with an online retailer with an unclear view of privacy laws."
Story image
Cheetah Digital
Privacy, data ethics and the ‘seismic shift’ in consumer trust
Aussie consumers have low levels of trust for advertising, but will pay more to purchase from a trusted brand, a new report from Cheetah Digital reveals.
Wiise
Discover why cloud ERP is central to a growing business' tech stack. Sign up now for free.
Link image
Story image
Wireless
Hands-on review: James Donkey RS4 Knight Wireless Gaming Keyboard
I have always liked mechanical keyboards, and this is no exception. I find the action much easier to use than the modern keyboards with limited travel.
Story image
Appointments
Tech job moves - Checkmarx, Kinly, Syniti, Trellix & WalkMe
We round up all job appointments from July 22-28, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Product Management
TeamViewer and Siemens to innovate product lifecycle space with AR
TeamViewer's new partnership with Siemens Digital Industries Software to bring the power of TeamViewer's AR platform, Frontline, to Siemen Teamcenter software.