Disarming ransomware attacks is the defining challenge of the post-pandemic cybersecurity era. Content disarm and reconstruction (CDR) technology, is an answer available today.
Everything from Morse Code and the German Enigma machine through to modern video-conferencing software solutions are reliant on some type of encryption to do their job.
However, it’s not all good in the world of encryption, as bad actors have taken to weaponising the process in the form of ransomware.
Attackers have learned that by encrypting all of your data, they can make it unreadable without the appropriate ‘key’ which deciphers it. The next stage in their process is demanding payment for the ‘key’ which will unlock it, usually via cryptocurrency.
Ransomware now represents the ‘dark side’ of the encryption technology industry, and it’s growing at an alarming rate.
New research released in June from cybersecurity outfit Illumio revealed that in Australia, nearly 9 out of 10 (87%) organisations that have had data and systems held hostage by a ransomware attack paid the ransom, at an average cost of $247,000.
Senetas is an expert in cryptography, and how difficult it can be to break. Founded in 1982, Senetas (ASX:SEN) has spent decades refining its encryption solutions to keep outsiders from breaking in without compromising systems’ performance.
Testament to that is the long list of multi-national commercial organisations, national governments, defence departments and Cloud service providers around the world.
In many ways, ransomware is the challenge Senetas was built to fight. So, when it comes to tackling ransomware, it might be surprising that Senetas will point to its majority owned subsidiary company Votiro for a response to the growing menace.
Prevention better than cure
“Encryption technology has progressed rapidly in the last decade. Deciphering it without the key is mathematically possible, but certainly not within many human lifetimes even with the use of the most powerful computers available today,” Senetas CEO, Andrew Wilson explains.
“It’s a ‘practical’ impossibility that almost every organisation and user relies upon to do business securely online. Services like banking rely on it to keep functioning.
“We’re not surprised Australian businesses end up paying the ransom, because at that point they have very few options.
“The focus for beating weaponised encryption should be on preventing it from getting into your network in the first place. That’s why we acquired a 70% stake in Votiro back in 2018, and why we announced a further A$5M share placement in May this year.”
Here comes the tech
Israel-based Votiro is a global leader in content disarm and reconstruction (CDR) technology. Votiro Cloud’s patented and award-winning software automatically scans and sanitises each and every file sent, shared and even stored with an organisation.
It identifies and destroys any unknown and known malicious content and reconstructs a fully functional, threat free file in less than a second. It’s proven effective against known, unknown and persistent zero day attacks.
It’s best thought of as a ‘secure’ area that all files need to pass through, like security at an airport. Traditional anti-malware security products rely upon identifying known attacks and knowing exactly how an attacker will look to get into the network and blocking them off in advance.
Votiro Cloud on the other hand goes looking for threats proactively deconstructing and analysing all files sent to an organisation. It can then neutralise any malicious or unexpected code it finds before reconstructing the content into fully-functional, safe-to-use files in seconds.
The future of ransomware and encryption is uncertain
Today’s conventional mathematics based encryption however, has an expiration date with the advent of quantum computing as recognised by the world’s leading cybersecurity standards organisations, such as NIST.
Recently US President Biden released a “memorandum” mandating federal measures for the implementation of Quantum-resistance.
More than a year ago, Senetas announced Quantum resistant encryption steps for its network encryption products without causing current customers’ encryptors to become redundant.
Senetas calls it ‘hybrid encryption’ – the use of both conventional and Quantum-resistant algorithms to protect today’s against tomorrow’s Quantum computing threat.
Future technology like quantum computers will trivialise breaking the type of encryption ransomware attackers use, reducing the time to decrypt from decades to minutes.
From 100 to 0, overnight
When this happens, the ransomware industry will be halted virtually overnight, Wilson believes.
“The problem is that this will also mean that many of the internet’s most vital systems will suddenly also become vulnerable again,” Wilson says.
“That will be an enormous challenge for the encryption industry, and implementing quantum-resistant encryption is something Senetas has already begun to prepare our customers for.
“If the ransomware attackers get their hands on similar technologies, the world will be back to square one.”
“Votiro Cloud’s patented CDR technology can stop ransomware attackers at the front door, even if they’re using completely novel approaches to get in – through what in the industry we call ‘zero day’ attacks,” Wilson adds.
“With this technology in place, it becomes very difficult to successfully execute a ransomware attack.
“There will always be a need for this type of technology, just as there will also always be a need to encrypt private data and lock our front doors.
“Between Votiro and Senetas we have solutions in place to tackle both sides of these cybersecurity issues today, and well into the future.”
This article was developed in collaboration with Senetas, a Stockhead advertiser at the time of publishing.
This article does not constitute financial product advice. You should consider obtaining independent advice before making any financial decisions.