Responding To Ransomware Attacks

Uploaded on 2021-05-17 in TECHNOLOGY--Resilience, FREE TO VIEW

Ransomware cyber attacks are a big business, so big in fact, that research anticipates a business is attacked by a cyber criminal every few seconds and damage costs from these attacks will hit around $20 billion this year. 

These attacks are becoming more frequent, severe, and sophisticated and it organisations caught off guard can experience a “paralysis” that lessens the effectiveness of their response. After the recent string of ransomware attacks, including those on the Washington DC Metro Police force and the Colonial gas pipeline, many organisations are ensuring their backup/recovery infrastructure in place is ready to support a recovery should ransomware enter their operations. 

"The most important thing organisations can do is ensure employees are well positioned to recognise a ransomware attack, know what to do, and act quickly," said Anthony Chadd a security risk expert at Neustar. "There should be a cyber crisis response plan in place that all employees have been trained on.  Think of it like CPR for the network... When employees know what to do and can act quickly, it can buy IT and security administrators enough time to avert a major catastrophe."

The first move for an employee  is to record details of the ransom note, which may contain important information for security teams, before disconnecting their machine from the network entirely.

Hackers are now routinely including backup infrastructure in their attacks, thereby making recovery much more difficult or impossible. Index Engines, a cyber defense company that supports backup products from vendors such as Dell to ensure backup environments are available to provide clean recoveries, would like to offer commentary on these and other attacks. 

“Organisations need to accelerate their data resiliency strategy. Gone are the days were cyber criminals maliciously corrupted random data."Jim McGann, Index Engine's VP of Marketing advises “Bad actors are sabotaging companies’ recovery processes to further extend their downtime and force them to pay these exorbitant ransoms. Both the REvil and Conti ransomware have releases updates where they can now corrupt or shut off the backups."

Backup data is critical when recovering from a ransomware attack. Knowing that it is common for cyber criminals to encrypt and corrupt files, backup is where organisations turn to bring the business backup to pre-attack conditions.  

If organisations do not check the integrity of the data in the backups they will be faced with an unwelcome surprise when using these backups to recover. Many will find these backups corrupted, and the data inside these images encrypted and unusable.

Marsh:        Healthcare IT News:     Index Engine:        Blackfog:        Kennedys:    Image: Unsplash

You Might Also Read: 

Key Trends In Cyber Security:

 

« The Next E-Industrial Revolution
British Law To Protect Online Users »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA) is a non-profit organization dedicated to leading a diversified research agenda in the field of cyber conflict.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

RiskSense

RiskSense

RiskSense empowers enterprises and governments to reveal cyber risk, quickly orchestrate remediation, and monitor the results.

Korea Internet & Security Agency (KISA)

Korea Internet & Security Agency (KISA)

KISA is committed to improving the competitiveness, reliability and security of Internet information and knowledge in Korea.

Managed Security Solutions (MSS)

Managed Security Solutions (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

Sage Designs

Sage Designs

Sage Designs is a provider of SCADA, Security & Industrial Automation products and training programs.

Smarttech247

Smarttech247

Smarttech247 deliver a range of cyber security solutions, including cognitive security services using IBM Watson for Cybersecurity, SIEM, Compliance & Governance, and Penetration Testing.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

Macquarie Telecom Group

Macquarie Telecom Group

Macquarie Telecom is Australia's datacentre, cloud, cyber security and telecom company for mid-large business and government customers.

Lunio

Lunio

Lunio makes the internet a safer and more reliable place for everyone trying to grow their business by automatically getting rid of fake clicks, traffic, and leads on all ad platforms.

Dr Web

Dr Web

Since 1992 the Russian anti-virus Dr.Web has been helping companies to keep their digital assets protected and operate in a secure digital environment.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

CyberMontana

CyberMontana

CyberMontana is a statewide initiative providing cybersecurity awareness, training, and workforce development for businesses and residents of Montana.

Harmonic Security

Harmonic Security

Harmonic Security helps companies to adopt Generative AI without risking the security and privacy of their data.

Cynclair

Cynclair

Cybersecurity is a complex beast. And we're the beast-tamers. Our team thrives on deciphering the latest threats, building cutting-edge defenses, and making your digital world much safer.

Maveris

Maveris

Maveris is an IT and cybersecurity company committed to helping organizations create secure digital solutions to accelerate their mission.