By Anusha Ashwin
The world is reeling from a massive, unprecedented ransomware attack that has affected nearly 100 countries around the world. And, the real extent of damage could take long to be ascertained.
Organizations ranging from the NHS in the UK, Russian Interior Ministry, Telefonica, Chinese school system, Nissan, FedEx, police units in India to Deutsche Bahn in Germany are among the worst affected. The list could only grow over the next few days as more organizations and corporates unravel the real impact.
Hyderabad-based cybersecurity and threat intelligence company, Unik Systems Design & Marketing believes that a more radical approach to security engineering is needed to protect from the advanced attacks carried out these days, rather than the common incremental or patch approaches.
In an interaction with Voice&Data, Chakradhar Kommera, co-Founder and Director of Unik, educates on how to guard an organization from ransomware attacks
Voice&Data: To begin with, could you outline when Unik Systems was incorporated and what kind of security solutions does the company offer?
Chakradhar Kommera: Unik Systems Design & Marketing Pvt Ltd was registered in early 2010 and it is a complete indigenous cyber-security technology company, offering security products/solutions to enterprises, government, defense and homeland security segments. The company’s pioneering efforts have resulted in the development of a strong breed of customizable products & solutions, which have been successfully deployed at various critical projects globally. The company has a couple of global patents on innovative cryptology techniques.
Voice&Data: As a developer of security products for the IT industry you are cognizant about the vulnerabilities in the software industry. Could you elaborate on this?
Chakradhar Kommera: Many of the standard software that are being deployed in the various organizations, have a common vulnerability in the name of remote management or backdoor, although the developers call it as a security feature.
These backdoors are protected by a weak/vulnerable authentication and encryption mechanisms. Attackers & state-sponsored actors gain access to these backdoors by using many hacking techniques and compromising the systems and leaving the organizations at loss – financial-wise and reputation-wise.
Unik Systems has carefully studied the approaches of many hacking/malware attacks and triggered those vulnerable loopholes with strong security implementations. With its ‘build-your-own-trust’ approach, the company’s products have always been a vital solution for many security specialists & decision makers to protect their valuable information with secure authentication, storage and transmission technologies.
Voice&Data: What does Unik know about the recent attack?
Chakradhar Kommera: While full forensic analysis of the attack could take months to complete, what we know so far can be summarized into the following points:
- Exploits believed to have been found and used by the US NSA in systems such as Windows OS were used to design the malware. It is worth noting that an entity called “Shadow Brokers” claimed to have hacked NSA systems and found a dump of exploits which were made public only a few months ago! Now it appears that these tools have become the basis of the attack. Given that the dump is now spread heavily over the dark web, it is anybody’s guess how many such attacks could be engineered soon. In any case the concern is much broader than this dump as new “Zero Day” attacks are launched regularly.
- The malware may have been designed based on weaknesses found in operating system, but the malware needed to be spread to large number of unsuspecting victims. Once again, email systems emerged as one of the weakest links. Spear phishing used to make one of the users in NHS to download a file laden with malware, and from thereon usually there is little defense for the organization. We have found malware spreading dangerously in many recent cases using email systems and other open communication systems such as WhatsApp and Skype.
- It remains to be seen how the malware spread so fast across so many organizations around the world in such a small time. This highlights the danger of the open communication systems the world has become so used to.
- It is not clear yet whether identity breach is a reason for this attack, but a number of high profile breaches in the last 12 months found to have been initiated by stealing identity credentials.
- It is very likely that most of the organizations that have become victims in the attack were using state-of-the-art anti-virus systems, firewalls and other advanced intrusion prevention systems. It is intriguing that knowledge and analysis-based protection systems are again found wanting to protect from dangerous attacks as advanced persistent threat (APT) attacks are using identity theft and phishing attacks more successfully.
Voice&Data: With so much technology inclusion and deployments, how do you perceive the threat and malware attack to grow?
Chakradhar Kommera: Cybercrime likely will never go away. The recent studies reveal that more than one-third of the victims are willing to negotiate with cyber criminals to recover their stolen or encrypted data. The better prepared organizations have been focusing to tighten their cyber defenses with build-your-own-trust enabled security solutions.
While the spread of the present ‘WannaCry’ ransomware attack has slowed due to accidental remedy by a UK-based cyberanalyst, concern remains that such attacks could be launched in a much larger scale in the near future as the tools for embarking on ransomware attacks are readily available on the dark web.
Voice&Data: What is the best practice to curb the attacks?
Chakradhar Kommera: Unik Systems strongly believes in implementation of cyber safety practices: -
(a) Extra carefulness in browsing various websites or protecting/curtailing access to vulnerable sites,
(b) Filtering, monitoring & analyzing the traffic from vulnerable sites/IP Addresses, and
(c) Diligence in opening emails, especially with attachments from unknown sources.
Voice&Data: A recent product launch ZeroXT by your company is capable of tackling ransomware attacks. Can you share more details on that?
Chakradhar Kommera: Unik Systems has developed and launched ZeroXT, a product that will protect data-at-rest against a variety of threats, such as ransomware attacks, unauthorized access, data leakage, unauthorized retrieval of data from stolen hard disks, data modification and data destruction. The solution is being evaluated by our critical clients.
Voice&Data: R&D is the backbone of Unik. What are your further plans in new product development?
Chakradhar Kommera: In the last couple of years, Unik has extended its R&D with new developments in the areas of Secure Identity & Access Management, Secure Wireless Communication, Secure Computing with clean & read-only Operating Systems, Secure Data-at-rest, and Blockchain-based messaging solutions. The new product development will facilitate the organizations to protect their sensitive data with customized security solutions.
After the attack on Sony Entertainment in 2014, Unik Systems had rightly predicted and invested significantly in R&D over the last few years to help enterprises thwart such advanced attacks. Since then, Unik’s Hardened Microkernel, end-to-end encrypted Messenger, communication security devices, have been validated and deployed by Indian defense, scientific and security organizations.