Ransomware’s Serious Effects On Cyber Security

Uploaded on 2022-06-14 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

In the last few years, we have seen ransomware go from a cybercriminal annoyance to a real national security threat. Prior to this ransomware was a frustrating malware incident requiring a fewhundred dollars. Today, find ransomware has evolved into large, enterprise-wide data breaches that are, in some cases, asking for millions in ransom. 

Cyber security leaders and analysts have been shocked by attacks like SolarWinds supply chain compromise, through to the Colonial Pipeline ransomware attack and issues with the Ukraine conflict. 

Ransomware is now a massive concern for cyber security professionals, according to the 2022 Infosecurity Group State of Cybersecurity Report.

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network.

The ransomware boom under US President Obama's administration which approached it as part of an overall response cyber crime. That involved putting agents on the ground around the world to score tactical wins in countries that were otherwise uncooperative, but defence against such attacks fell down the list of priorities under Trump even as ransomware itself boomed.

This new report reviews and analyses cyber security professionals worries and this year’s study found ransomware was 28% concern, the biggest trend among the respondents (28%). This is closely followed by geopolitics/nation-state attacks (24%) and supply chain attacks (22%). 

Ransomware has become increasingly more sophisticated, with authorities stepping up their response in an effort to thwart these attacks and put pressure on ransomware groups.

Ransomware attacks have increased because they remain effective in not only locking up customer data but bringing businesses to a halt and offering huge financial gain for the attackers.

Geopolitical unrest was also a critical talking point in this years’ report with the war in Ukraine causing a shift in hostilities into cyberspace. Expectations for global change to address cyber warfare was heightened amongst the respondents.

Other Key Trends Include:

  • Cloud/multi-cloud security.
  • Remote work and return.
  • 'Deperimeterisation' & Zero trust.
  • Cybersecurity awareness/human behaviour.
  • AI/ML (including deep fakes).
  • Phishing/ Social engineering.
  • IoT security and standardisation.
  • Identity and access management.
  • Data protection/identity theft & cyber crime.

Companies Are Finding Success Using These Measures:

  • Securing all RDP:  COVID-19 saw workforces shift to work from home—and home networks are often rife with poor security. Solid basic hygiene would include strong passwords, multifactor authentication, software updates, restricted access, and network-level authentication.
  • Patch Management:  Legacy systems, be it OT or IT, chug along on old software with security gaps. After RDP and phishing attacks, vulnerable software is the next largest attack vector, which is why securing communication channels and patching Windows operating system exploits remain vital.
  • Disabling user-level command-line capabilities and blocking Transmission Control Protocol (TCP) port 445:  Ransomware threat actors run free or low-cost software and scanning tools, searching for things like credential harvesting and internal unsecured port discovery from command-line prompts. If command-line capabilities end up disabled, the company becomes a more difficult target. Additionally, blocking port TCP 445 on external-facing infrastructure and internal firewalls also helps reduce the attack surface.
  • Protect Active Directory:  Active Directory is a database and set of services that connects users with the network resources they need to get their work done. The database (or directory) contains critical information about your environment, including what users and computers there are and who’s allowed to do what.
  • Education & Training:  Cyber awareness training and education should be mandatory. You don’t need to be a highly trained and skilled cybersecurity professional, but basic changes in behaviour and awareness of where and how threats can enter your organisation can further reduce risks.

The State of Cybersecurity Report is based on interviews conducted in March 2022 which gathered the opinions numerous cybersecurity experts via online written responses and online one-to-one video interviews for a deeper dive into the state of cyber security.

Infosecurity Magazine:   Infosecurity Magazine:   NCSC:   Technology ReviewZDNet:     McKinsey:   Everbridge:  

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

 

« Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine
Using Artificial Intelligence In Military Operations »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ECSC Group

ECSC Group

ECSC is a full-service information security provider, specialising in 24/7/365 security breach detection and Artificial Intelligence (AI).

DTEX Systems

DTEX Systems

DTEX Systems is the global leader for insider risk management. We empower organizations to prevent data loss by proactively stopping insider risks from becoming insider threats.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

KPN Security

KPN Security

KPN Security is the largest and most complete provider of IT security services in the Netherlands.

Focal Point Data Risk

Focal Point Data Risk

Focal Point is a pure-play data risk management provider capable of offering end-to-end consulting, implementation, and training services.

Business Continuity

Business Continuity

Business Continuity delivers integrated IT solutions for cybersecurity, virtualization, cloud platforms and operational security solutions.

Center for Applied Cybersecurity Research (CACR) - University of Indiana

Center for Applied Cybersecurity Research (CACR) - University of Indiana

CACR serves Indiana and the nation by tackling cyber risk in research and other unusual environments through agile, holistic, principle-based cybersecurity.

ReconaSense

ReconaSense

ReconaSense helps protect people, assets, buildings and cities with its next-gen access control and converged physical security intelligence platform.

Accel

Accel

Accel is a leading venture capital firm that invests in people and their companies from the earliest days through all phases of private company growth. Areas of focus include cybersecurity.

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

Synamic Technologies

Synamic Technologies

Synamic Technologies was founded in 2018 as a start-up to automate cyber security processes. Our CISOSCOPE product automates vulnerability management, risk management and compliance.

StealthPath

StealthPath

StealthPath is focused on endpoint protection, securing the “implicit trust” vulnerabilities of current leading information security solutions.

Northern Computer

Northern Computer

Northern Computer provides comprehensive IT solutions that streamline your operations and help you achieve your business goals.

Rite-Solutions

Rite-Solutions

Rite-Solutions is an award-winning software development, systems engineering, and information technology firm.

New Relic

New Relic

After inventing application performance monitoring (APM), New Relic stands at the forefront of observability with the most advanced platform for eliminating digital interruptions.