Winning The Battle Against Ransomware

Uploaded on 2024-01-08 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Ransomware is a form of malware designed to damage and destroy computers and computer systems, usually to facilitate extortion.  Just one successful ransomware attack that leads to a data breach is an existential threat to any organisation, with the average cost of a ransomware-related data breach stands at $4.54m, which can take down many companies. 

It is also increasingly linked to data theft, and to threats to publish sensitive information online. Mass data loss from an attack can be irreversible, even when the ransom is paid.  After a downturn in attacks and payouts in 2022 ransomware returned with a vengeance in 2023 with  514 reported attacks in September alone and the trend will likely grow in 2024.

The highest-profile ransomware incident in 2023 was the attack on the MGM casino and hotels business September 2023, which forced the company to shut down its nationwide computer network, incurring an estimated $100 million loss. The same attacker, also hit rival gaming giant Caesars Entertainment, which paid a $15 million ransom. 

One important solution is context-sensitive defence, which has a threat exposure reduction, deep learning anti-malware protection, and comprehensive anti-ransomware and anti-exploit capabilities. 

A key components of context-sensitive defence is the adaptive nature of endpoint security that can automatically apply more aggressive protection when a device is under attack. However healthcare often don’t have context-sensitive defences and this trend is having a greater impact was the continuous onslaught upon health-care providers, who are hit by ransomware attacks and these attackers hit even harder in 2023. 

Healthcare ransomware attacks can lead to hospital increasing the risks on patients who need immediate treatment for such time-sensitive emergencies as strokes and heart attacks.

Overall, organisations seemed to be growing more confident that they could successfully respond to ransomware attacks. 70% of survey respondents had "moderate to high levels of confidence" in their companies' abilities to handle ransomware attacks, and 79% said they had mostly or fully completed secure backups of critical data.

Unfortunately, organisations in sectors hit hardest by ransomware, such as healthcare and education, often have ineffective security safeguards. Few educational institutions are public companies, but we may see a record number of breach-related SEC penalties levied against publicly traded healthcare providers in 2024. 

Even the best cyber security systems sometimes fail, so make sure that all sensitive data is protected by multiple layers of defence. 

At a minimum this should include: file encryption, including data stored in the cloud, employee access controls, multi-factor authentication, network segmentation and limiting or turning off remote access to the network. 

Parlaiment.UK:    SC Magazine:   Malware.news:    Sonic Wall:     Graphus.AI:     Help Ransomare:   

Power Grid International:    Cybersecurity Collaboration      Imge: Shubham Dhage

You Might Also Read: 

Quadruple Extortion Ransomware:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« 23andMe Blames The Victims
Airbus To Pay €1.8bn To Buy Atos Cyber Security Unit »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

National Agency for the Security of Information Systems (ANSSI) - France

National Agency for the Security of Information Systems (ANSSI) - France

The role of Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) is to foster a coordinated, ambitious, pro-active response to cybersecurity issues in France.

PortSwigger

PortSwigger

PortSwigger's Burp Suite is an integrated platform for performing security testing of web applications.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

QSecure

QSecure

QSecure specializes in the provision of information security and risk management services.

Honeywell Process Solutions (HPS)

Honeywell Process Solutions (HPS)

Honeywell's Industrial Cyber Security Solutions help plants and critical infrastructure sectors defend the availability, reliability and safety of their industrial control systems.

Council of Europe Convention on Cybercrime

Council of Europe Convention on Cybercrime

The Council of Europe helps to protect societies worldwide from the threat of cybercrime through the Convention on Cybercrime.

NanoLock Security

NanoLock Security

NanoLock delivers the industry’s only end-to-end platform for the IoT and connected devices ecosystem.

ZEBOX

ZEBOX

ZEBOX is an international incubator & accelerator of innovative startups. Focus is on Transport/Logistics and Industry X.0 including technologies such as AI, Blockchain and Cybersecurity.

Lionfish Cyber Security

Lionfish Cyber Security

Lionfish Cyber Evolution & Empowerment Model™ empowers SMBs to prepare and protect themselves against cyber threats using a unique combination of on-demand training, support and managed services.

BlueAlly

BlueAlly

BlueAlly helps clients scale, optimize, and manage their IT resources to reach their business goals.

iSTORM

iSTORM

iStorm specialise in supporting organisations who require a range of Privacy, Security and Penetration testing related services.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

Siren

Siren

Siren provides the leading Investigative Intelligence Platform to some of the world’s leading Law Enforcement, National Security and Cyber threat investigators.

View

View

View is the leader in smart building technologies including OT cybersecurity to securely connect buildings to the cloud and manage building networks and OT devices.

Reveald

Reveald

Reveald is making Exposure Management a reality to solve the biggest challenges in cybersecurity with a trailblazing ‘offense to defense’ approach that gives the advantage back to the business.

BlackOwlCybers

BlackOwlCybers

BlackOwlCybers is a dedicated cybersecurity firm providing comprehensive solutions to protect businesses from evolving digital threats.