Ransomware’s Serious Effects On Cyber Security

In the last few years, we have seen ransomware go from a cybercriminal annoyance to a real national security threat. Prior to this ransomware was a frustrating malware incident requiring a fewhundred dollars. Today, find ransomware has evolved into large, enterprise-wide data breaches that are, in some cases, asking for millions in ransom. 

Cyber security leaders and analysts have been shocked by attacks like SolarWinds supply chain compromise, through to the Colonial Pipeline ransomware attack and issues with the Ukraine conflict. 

Ransomware is now a massive concern for cyber security professionals, according to the 2022 Infosecurity Group State of Cybersecurity Report.

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network.

The ransomware boom under US President Obama's administration which approached it as part of an overall response cyber crime. That involved putting agents on the ground around the world to score tactical wins in countries that were otherwise uncooperative, but defence against such attacks fell down the list of priorities under Trump even as ransomware itself boomed.

This new report reviews and analyses cyber security professionals worries and this year’s study found ransomware was 28% concern, the biggest trend among the respondents (28%). This is closely followed by geopolitics/nation-state attacks (24%) and supply chain attacks (22%). 

Ransomware has become increasingly more sophisticated, with authorities stepping up their response in an effort to thwart these attacks and put pressure on ransomware groups.

Ransomware attacks have increased because they remain effective in not only locking up customer data but bringing businesses to a halt and offering huge financial gain for the attackers.

Geopolitical unrest was also a critical talking point in this years’ report with the war in Ukraine causing a shift in hostilities into cyberspace. Expectations for global change to address cyber warfare was heightened amongst the respondents.

Other Key Trends Include:

  • Cloud/multi-cloud security.
  • Remote work and return.
  • 'Deperimeterisation' & Zero trust.
  • Cybersecurity awareness/human behaviour.
  • AI/ML (including deep fakes).
  • Phishing/ Social engineering.
  • IoT security and standardisation.
  • Identity and access management.
  • Data protection/identity theft & cyber crime.

Companies Are Finding Success Using These Measures:

  • Securing all RDP:  COVID-19 saw workforces shift to work from home—and home networks are often rife with poor security. Solid basic hygiene would include strong passwords, multifactor authentication, software updates, restricted access, and network-level authentication.
  • Patch Management:  Legacy systems, be it OT or IT, chug along on old software with security gaps. After RDP and phishing attacks, vulnerable software is the next largest attack vector, which is why securing communication channels and patching Windows operating system exploits remain vital.
  • Disabling user-level command-line capabilities and blocking Transmission Control Protocol (TCP) port 445:  Ransomware threat actors run free or low-cost software and scanning tools, searching for things like credential harvesting and internal unsecured port discovery from command-line prompts. If command-line capabilities end up disabled, the company becomes a more difficult target. Additionally, blocking port TCP 445 on external-facing infrastructure and internal firewalls also helps reduce the attack surface.
  • Protect Active Directory:  Active Directory is a database and set of services that connects users with the network resources they need to get their work done. The database (or directory) contains critical information about your environment, including what users and computers there are and who’s allowed to do what.
  • Education & Training:  Cyber awareness training and education should be mandatory. You don’t need to be a highly trained and skilled cybersecurity professional, but basic changes in behaviour and awareness of where and how threats can enter your organisation can further reduce risks.

The State of Cybersecurity Report is based on interviews conducted in March 2022 which gathered the opinions numerous cybersecurity experts via online written responses and online one-to-one video interviews for a deeper dive into the state of cyber security.

Infosecurity Magazine:   Infosecurity Magazine:   NCSC:   Technology ReviewZDNet:     McKinsey:   Everbridge:  

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

 

« Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine
Using Artificial Intelligence In Military Operations »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TBG Security

TBG Security

TBG provides a portfolio of services including cyber security, compliance and continuity solutions.

Orolia

Orolia

Orolia are experts in deploying high precision GPS time through network infrastructure to synchronize critical operations.

SAMATE

SAMATE

The Software Assurance Metrics And Tool Evaluation project is an inter-agency project between the US Department of Homeland Security and NIST.

Datto

Datto

Datto delivers a single toolbox of easy to use products and services designed specifically for managed service providers and the businesses they serve.

IPCopper

IPCopper

IPCopper specializes in network packet capture appliances for cybersecurity, cybersurveillance and network monitoring, and encrypted data storage.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

Real Random

Real Random

Real Random is on a mission to enhance existing and new crypto-systems with its revolutionary solution to generating numbers that are Truly Random.

IronNet Cybersecurity

IronNet Cybersecurity

IronNet’s product and services provide enterprise-wide security management and visibility of your network, users and assets.

Yaana Technologies

Yaana Technologies

Yaana is a leading provider of intelligent compliance solutions including lawful interception, data retention & disclosure, and advanced security analytics.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

elfGROUP

elfGROUP

elfGROUP Cyber Security Services specializes in corporate cybersecurity assurance.

BrandShield

BrandShield

BrandShield is an anti-counterfeiting, anti-phishing and online brand protection solution.

Security Alliance

Security Alliance

Security Alliance provide bespoke cyber intelligence consulting and research services.

MassMutual Ventures

MassMutual Ventures

Mass Mutual ventures backs companies building category-defining businesses in markets including enterprise software, digital health, cybersecurity, and fintech.

Conquest Cyber

Conquest Cyber

Conquest Cyber builds adaptive risk management programs where innovation is most needed – within defense, intelligence, federal civilian agencies and the industrial base that supports them.

Balance Theory

Balance Theory

Balance Theory provides the knowledge infrastructure and collaboration center for the cybersecurity community. A networked community to build better cybersecurity outcomes.