Responding To Ransomware Attacks

Uploaded on 2021-05-17 in TECHNOLOGY--Resilience, FREE TO VIEW

Ransomware cyber attacks are a big business, so big in fact, that research anticipates a business is attacked by a cyber criminal every few seconds and damage costs from these attacks will hit around $20 billion this year. 

These attacks are becoming more frequent, severe, and sophisticated and it organisations caught off guard can experience a “paralysis” that lessens the effectiveness of their response. After the recent string of ransomware attacks, including those on the Washington DC Metro Police force and the Colonial gas pipeline, many organisations are ensuring their backup/recovery infrastructure in place is ready to support a recovery should ransomware enter their operations. 

"The most important thing organisations can do is ensure employees are well positioned to recognise a ransomware attack, know what to do, and act quickly," said Anthony Chadd a security risk expert at Neustar. "There should be a cyber crisis response plan in place that all employees have been trained on.  Think of it like CPR for the network... When employees know what to do and can act quickly, it can buy IT and security administrators enough time to avert a major catastrophe."

The first move for an employee  is to record details of the ransom note, which may contain important information for security teams, before disconnecting their machine from the network entirely.

Hackers are now routinely including backup infrastructure in their attacks, thereby making recovery much more difficult or impossible. Index Engines, a cyber defense company that supports backup products from vendors such as Dell to ensure backup environments are available to provide clean recoveries, would like to offer commentary on these and other attacks. 

“Organisations need to accelerate their data resiliency strategy. Gone are the days were cyber criminals maliciously corrupted random data."Jim McGann, Index Engine's VP of Marketing advises “Bad actors are sabotaging companies’ recovery processes to further extend their downtime and force them to pay these exorbitant ransoms. Both the REvil and Conti ransomware have releases updates where they can now corrupt or shut off the backups."

Backup data is critical when recovering from a ransomware attack. Knowing that it is common for cyber criminals to encrypt and corrupt files, backup is where organisations turn to bring the business backup to pre-attack conditions.  

If organisations do not check the integrity of the data in the backups they will be faced with an unwelcome surprise when using these backups to recover. Many will find these backups corrupted, and the data inside these images encrypted and unusable.

Marsh:        Healthcare IT News:     Index Engine:        Blackfog:        Kennedys:    Image: Unsplash

You Might Also Read: 

Key Trends In Cyber Security:

 

« The Next E-Industrial Revolution
British Law To Protect Online Users »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ADF Solutions

ADF Solutions

ADF Solutions is a leading provider of digital forensic and media storage exploitation tools.

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

Idaptive

Idaptive

Idaptive delivers Next-Gen Access through a zero trust approach. Idaptive secures access everywhere with single sign-on, adaptive MFA, EMM and analytics.

Workz Group

Workz Group

Workz connects and protects mobile subscribers of today and tomorrow by providing secure removable or embedded SIMs and remote provisioning solutions for consumer, M2M and IOT devices.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity. The leading Risk Assessment Platform for Critical Infrastructure.

Have I Been Pwned (HIBP)

Have I Been Pwned (HIBP)

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

IDECSI

IDECSI

IDECSI delivers cutting-edge technology and engages all employees in the security system for effective and cost-efficient data protection.

RiverSafe

RiverSafe

RiverSafe is a professional services provider specialising in Cyber Security, Data Operations and DevOps, putting security at the heart of everything we do.

Mantodea Security

Mantodea Security

Mantodea Security is an industry-agnostic powerhouse backed by extensive experience and expertise in the realm of IT security.

Oxford Information Labs (OXIL)

Oxford Information Labs (OXIL)

Oxford Information Labs brings together world-class software programmers and policy experts to provide a unique mix of expertise and hands on technical solutions.

Focus Group

Focus Group

Focus Group are one of the UK’s leading independent providers of essential business technology. Here to take care of all your telecoms, IT and connectivity services.

Pvotal Technologies

Pvotal Technologies

Pvotal Technologies engineer complex, automated processes aligned with best AIOps, BizDevOps, DevSecOps, CloudOps, and ITOps practices.

Vantyr

Vantyr

Vantyr's core mission is to safeguard the business-led adoption of SaaS applications by automating the lifecycle management and security of non-human identities.

EU CyberNet

EU CyberNet

EU CyberNet – the bridge to cybersecurity expertise in the European Union. We establish a network and a practical learning platform with the goal to strengthen cybersecurity globally.