Winning The Battle Against Ransomware

Uploaded on 2024-01-08 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Ransomware is a form of malware designed to damage and destroy computers and computer systems, usually to facilitate extortion.  Just one successful ransomware attack that leads to a data breach is an existential threat to any organisation, with the average cost of a ransomware-related data breach stands at $4.54m, which can take down many companies. 

It is also increasingly linked to data theft, and to threats to publish sensitive information online. Mass data loss from an attack can be irreversible, even when the ransom is paid.  After a downturn in attacks and payouts in 2022 ransomware returned with a vengeance in 2023 with  514 reported attacks in September alone and the trend will likely grow in 2024.

The highest-profile ransomware incident in 2023 was the attack on the MGM casino and hotels business September 2023, which forced the company to shut down its nationwide computer network, incurring an estimated $100 million loss. The same attacker, also hit rival gaming giant Caesars Entertainment, which paid a $15 million ransom. 

One important solution is context-sensitive defence, which has a threat exposure reduction, deep learning anti-malware protection, and comprehensive anti-ransomware and anti-exploit capabilities. 

A key components of context-sensitive defence is the adaptive nature of endpoint security that can automatically apply more aggressive protection when a device is under attack. However healthcare often don’t have context-sensitive defences and this trend is having a greater impact was the continuous onslaught upon health-care providers, who are hit by ransomware attacks and these attackers hit even harder in 2023. 

Healthcare ransomware attacks can lead to hospital increasing the risks on patients who need immediate treatment for such time-sensitive emergencies as strokes and heart attacks.

Overall, organisations seemed to be growing more confident that they could successfully respond to ransomware attacks. 70% of survey respondents had "moderate to high levels of confidence" in their companies' abilities to handle ransomware attacks, and 79% said they had mostly or fully completed secure backups of critical data.

Unfortunately, organisations in sectors hit hardest by ransomware, such as healthcare and education, often have ineffective security safeguards. Few educational institutions are public companies, but we may see a record number of breach-related SEC penalties levied against publicly traded healthcare providers in 2024. 

Even the best cyber security systems sometimes fail, so make sure that all sensitive data is protected by multiple layers of defence. 

At a minimum this should include: file encryption, including data stored in the cloud, employee access controls, multi-factor authentication, network segmentation and limiting or turning off remote access to the network. 

Parlaiment.UK:    SC Magazine:   Malware.news:    Sonic Wall:     Graphus.AI:     Help Ransomare:   

Power Grid International:    Cybersecurity Collaboration      Imge: Shubham Dhage

You Might Also Read: 

Quadruple Extortion Ransomware:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« 23andMe Blames The Victims
Airbus To Pay €1.8bn To Buy Atos Cyber Security Unit »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

RioRey

RioRey

The DDoS mitigation specialist, from single server to Enterprise wide carrier level networks the RioRey Solution provides effective immediate and easy to manage protection.

F-Response

F-Response

F-Response is a software utility that enables an investigator to conduct live Forensics, Data Recovery, and eDiscovery over an IP network using their tools of choice.

CERT-AM

CERT-AM

CERT-AM is the national Computer Emergency Response Team for Armenia.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

GoCyber

GoCyber

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

GK8

GK8

GK8 is a cyber security company that offers a high security custodian technology for managing and safeguarding digital assets. Secure, Compliant and Practical.

QA Consultants

QA Consultants

QA Consultants is North America’s largest software quality engineering services firm, an award-winning onshore provider of software testing and quality assurance solutions.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

Triovega

Triovega

Triovega are a leading provider for production security and efficiency. Our solutions enhance OT security, and reduce production downtime.

Rakuten Maritime

Rakuten Maritime

Rakuten Maritime is your trusted partner in maritime cybersecurity, offering comprehensive and proactive solutions tailored to every stage of a ship’s life cycle.

ArmourZero

ArmourZero

ArmourZero help organisations redefine their cybersecurity strategy - increase visibility, minimise complexity, manage risk, and enhance protection, all under a unified security operations platform.