Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    sales and data analytics
    How Data Analytics Improves Lead Management and Sales Results
    9 Min Read
    data analytics and truck accident claims
    How Data Analytics Reduces Truck Accidents and Speeds Up Claims
    7 Min Read
    predictive analytics for interior designers
    Interior Designers Boost Profits with Predictive Analytics
    8 Min Read
    image fx (67)
    Improving LinkedIn Ad Strategies with Data Analytics
    9 Min Read
    big data and remote work
    Data Helps Speech-Language Pathologists Deliver Better Results
    6 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: GDPR Fines, Ransomware, and Cybersecurity: What You Need To Know
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Data Management > Best Practices > GDPR Fines, Ransomware, and Cybersecurity: What You Need To Know
Best PracticesBig DataData ManagementExclusiveInternet of ThingsPolicy and GovernancePrivacySecurity

GDPR Fines, Ransomware, and Cybersecurity: What You Need To Know

Ryan Kade
Ryan Kade
9 Min Read
GDPR and security
Shutterstock Licensed Photo - By Inspiring
SHARE

The GDPR (General Data Protection Regulation) was developed a few years ago to replace the Data Protection Directive of 1995 in the European Union. After years of revisions, it finally took effect in May. The regulatory framework was enacted to protect the privacy of EU citizens, with GDPR fines and other regulations helping to maintain the rules. It is a noble goal and will likely have a number of positive benefits. However, it may also create a new set of risks that security experts and crisis management teams will need to prepare for. One of them is the likelihood that GDPR ransomware threats are going to rise.

Contents
Will the GDPR put companies on high alert about possible new ransomware attacks?Organizations must take sensible precautions to avoid this dilemmaReset your routerUnderstand the importance of IoT managementMake sure that software is regularly patchedMake sure that your data is regularly backed upHave automated content scanning controls in placeBe very careful using public Wi-Fi connectionsRemain Aware to Stay Safe

Will the GDPR put companies on high alert about possible new ransomware attacks?

Ransomware has become a very serious threat. According to CSO Online, the global costs exceeded $5 billion in 2017. A number of factors have played a role in driving the explosive threat that it poses to organizations of all sizes.

Most laymen wouldn’t attribute the GDPR to an increase in ransomware attacks. However, some of the most astute cybersecurity experts have made this link. The potential for GDPR extortion is worth putting on your radar.

Trend Micro is one of the most prominent organizations to make such a bold prediction. According to a speculative post they published last December, a growing number of ransomware attackers are going to calculate the likely fine a company would face under the GDPR before issuing their demands. They will probably set their ransom demands just under the penalty threshold they would face. The likely outcome is that many companies would make the payment and never report the incident, for fear that EU regulators might find out and impose GDPR fines on top of it.

More Read

Data Lakes: Safe Way to Swim in Big Data?
Webinar Putting Predictive Analytics to Work Using Decision Management
‘Tis the Season for Data Quality
Guidelines on Trading Cryptocurrency Over the Blockchain
Utilizing Big Data For The Lowest Possible Bounce Rate

Other experts have claimed the opposite is likely to occur. They cite a provision in the GDPR that requires organizations to report any security breach, even if the impact is minimal. However, the likelihood that they will follow through on reporting could be low, regardless of the merits of the law.

Some organizations may decide that the risk of being fined is greater than that of quietly breaking the law and sweeping a GDPR ransomware incident under the rug. Also, they may make the argument that the ransomware infection does not qualify as an actual security breach. Some lawyers could argue that ransomware generally locks devices or freezes servers, but does not actually purloin encrypted data, therefore it would not actually qualify as a breach and does not need to be reported.

These threats may be especially effective against very small and home-based businesses. Unfortunately, a growing number of malicious actors are targeting these types of businesses, and GDPR extortion is plausible.

VPNFilter malware attacks are among the biggest threat to home-based businesses. They are specifically designed to infect home Internet routers and small office networks. According to the United States Computer Emergency Response Team, this type of attack has created a number of risks in addition to malware, including:

  • Temporarily or permanently destroying sensitive information
  • Disrupting operations by crashing the network
  • Forcing organizations to spend thousands of dollars or more on file and system restoration
  • Potential causing irreparable harm to the company’s image after the attack was orchestrated

This can be a huge concern for businesses of all sizes. GDPR ransomware attackers realize that home businesses cannot afford anywhere near the fines that the GDPR calls for and will act accordingly.

Organizations must take sensible precautions to avoid this dilemma

Ransomware attacks are likely to increase in the coming years, especially as EU regulators become more stringent about enforcing their policies. Organizations of all sizes must recognize that they may be put in a place where they need to choose between paying the ransom or accepting a fine for failing to meet compliance standards. The regulators may act with leniency, especially if the company is small. However, they should not operate on the assumption that they will get off with a mere slap on the wrist. On the other hand, they should consider the possibility that malicious hackers may continue to organize such attacks as long as they feel there is a chance that the company is in violation of GDPR requirements.

The only guaranteed solution is to make sure the network is strongly defended to prevent a ransomware attack—or any subsequent GDPR extortion—in the first place. Here are some precautions that can help them.

Reset your router

The VPNFilter attacks were organized against businesses with routers that had not been updated for quite some time. Resetting the router could significantly reduce the threat of these attacks. Of course, there are other forms of malware that exploit other vulnerabilities. However, fixing all weak points in your security infrastructure is key, so it is important to address every possible port through which a ransomware attack may be carried out.

Understand the importance of IoT management

According to Cloud Management Suite, securing IoT devices is one of the most important steps to prevent ransomware attacks. Recent figures show that 10% of ransomware attacks against SMBs are targeted at IoT devices. They should keep the IoT network architecture as simple as possible and regular monitor all incoming and outgoing data on all IoT devices to look for threats.

Make sure that software is regularly patched

Hackers take time to understand the flaws in every application they can exploit. The older an application is, the more time they will have had to uncover them. This leaves you vulnerable to attacks. Make sure that your software is patched to prevent this from happening.

Make sure that your data is regularly backed up

Since most organizations carefully encrypt their data, they are not so worried about hackers stealing and releasing it. Although some ransomware attacks do this, the majority threaten to destroy files instead. You can nullify their threat by making sure that your data is carefully backed up on another server that they will not have access to.

Have automated content scanning controls in place

It is vital that you regularly scan incoming emails for all known malware threats. Email is one of the most common ways to distribute malware.

Be very careful using public Wi-Fi connections

Hackers often spoof hotspots to trick people into providing information through them. Make sure that you carefully verify any hotspot that you’re using to prevent them from getting access to your machine.

Remain Aware to Stay Safe

While the threat of ransomware is never fun to think about, it doesn’t need to rule your life either. It’s simply a matter of being as aware as possible and taking whatever precautions you can to decrease your odds of getting hacked, and to keep your data secure. Hopefully, GDPR’s benefits will far outweigh the risks.

TAGGED:#GDPRcybersecuritydata securityransomwaresecurity
Share This Article
Facebook Pinterest LinkedIn
Share
ByRyan Kade
Follow:
Ryan Kade is the editor overseeing contributed content at Smartdata Collective and contributes weekly column.

Follow us on Facebook

Latest News

sales and data analytics
How Data Analytics Improves Lead Management and Sales Results
Analytics Big Data Exclusive
ai in marketing
How AI and Smart Platforms Improve Email Marketing
Artificial Intelligence Exclusive Marketing
AI Document Verification for Legal Firms: Importance & Top Tools
AI Document Verification for Legal Firms: Importance & Top Tools
Artificial Intelligence Exclusive
AI supply chain
AI Tools Are Strengthening Global Supply Chains
Artificial Intelligence Exclusive

Stay Connected

1.2kFollowersLike
33.7kFollowersFollow
222FollowersPin

You Might also Like

facebook libra cryptocurrency
Big DataBlockchainExclusivePrivacy

Does Facebook “Libra” Illustrate The Dark Side Of Big Data?

6 Min Read

New Command to Focus on Cybersecurity for DoD and IC

3 Min Read
Image
Uncategorized

How Machine Learning Is Improving Computer Security

6 Min Read
Three Healthcare IT trends 2013
Uncategorized

Three Healthcare IT Trends for 2013

4 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

AI and chatbots
Chatbots and SEO: How Can Chatbots Improve Your SEO Ranking?
Artificial Intelligence Chatbots Exclusive
AI chatbots
AI Chatbots Can Help Retailers Convert Live Broadcast Viewers into Sales!
Chatbots

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-25 SmartData Collective. All Rights Reserved.
Go to mobile version
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?