Ransomware’s Serious Effects On Cyber Security

Uploaded on 2022-06-14 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

In the last few years, we have seen ransomware go from a cybercriminal annoyance to a real national security threat. Prior to this ransomware was a frustrating malware incident requiring a fewhundred dollars. Today, find ransomware has evolved into large, enterprise-wide data breaches that are, in some cases, asking for millions in ransom. 

Cyber security leaders and analysts have been shocked by attacks like SolarWinds supply chain compromise, through to the Colonial Pipeline ransomware attack and issues with the Ukraine conflict. 

Ransomware is now a massive concern for cyber security professionals, according to the 2022 Infosecurity Group State of Cybersecurity Report.

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network.

The ransomware boom under US President Obama's administration which approached it as part of an overall response cyber crime. That involved putting agents on the ground around the world to score tactical wins in countries that were otherwise uncooperative, but defence against such attacks fell down the list of priorities under Trump even as ransomware itself boomed.

This new report reviews and analyses cyber security professionals worries and this year’s study found ransomware was 28% concern, the biggest trend among the respondents (28%). This is closely followed by geopolitics/nation-state attacks (24%) and supply chain attacks (22%). 

Ransomware has become increasingly more sophisticated, with authorities stepping up their response in an effort to thwart these attacks and put pressure on ransomware groups.

Ransomware attacks have increased because they remain effective in not only locking up customer data but bringing businesses to a halt and offering huge financial gain for the attackers.

Geopolitical unrest was also a critical talking point in this years’ report with the war in Ukraine causing a shift in hostilities into cyberspace. Expectations for global change to address cyber warfare was heightened amongst the respondents.

Other Key Trends Include:

  • Cloud/multi-cloud security.
  • Remote work and return.
  • 'Deperimeterisation' & Zero trust.
  • Cybersecurity awareness/human behaviour.
  • AI/ML (including deep fakes).
  • Phishing/ Social engineering.
  • IoT security and standardisation.
  • Identity and access management.
  • Data protection/identity theft & cyber crime.

Companies Are Finding Success Using These Measures:

  • Securing all RDP:  COVID-19 saw workforces shift to work from home—and home networks are often rife with poor security. Solid basic hygiene would include strong passwords, multifactor authentication, software updates, restricted access, and network-level authentication.
  • Patch Management:  Legacy systems, be it OT or IT, chug along on old software with security gaps. After RDP and phishing attacks, vulnerable software is the next largest attack vector, which is why securing communication channels and patching Windows operating system exploits remain vital.
  • Disabling user-level command-line capabilities and blocking Transmission Control Protocol (TCP) port 445:  Ransomware threat actors run free or low-cost software and scanning tools, searching for things like credential harvesting and internal unsecured port discovery from command-line prompts. If command-line capabilities end up disabled, the company becomes a more difficult target. Additionally, blocking port TCP 445 on external-facing infrastructure and internal firewalls also helps reduce the attack surface.
  • Protect Active Directory:  Active Directory is a database and set of services that connects users with the network resources they need to get their work done. The database (or directory) contains critical information about your environment, including what users and computers there are and who’s allowed to do what.
  • Education & Training:  Cyber awareness training and education should be mandatory. You don’t need to be a highly trained and skilled cybersecurity professional, but basic changes in behaviour and awareness of where and how threats can enter your organisation can further reduce risks.

The State of Cybersecurity Report is based on interviews conducted in March 2022 which gathered the opinions numerous cybersecurity experts via online written responses and online one-to-one video interviews for a deeper dive into the state of cyber security.

Infosecurity Magazine:   Infosecurity Magazine:   NCSC:   Technology ReviewZDNet:     McKinsey:   Everbridge:  

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

 

« Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine
Using Artificial Intelligence In Military Operations »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

Watchcom Security Group

Watchcom Security Group

Watchcom is one of Norway's foremost suppliers of information security consultancy services.

Khipu Networks

Khipu Networks

Khipu Networks is an award winning Cyber Security Company delivering a wide range of network, wireless and security solutions, technologies and services across multiple sectors.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

Aptible

Aptible

Aptible is a Platform as a Service (PaaS) that gives startups everything developers need to launch and scale apps and databases that are secure, reliable, and compliant.

Scantist

Scantist

Scantist is a cyber-security spin-off from Nanyang Technological University (Singapore) which leverages its expertise to provide vulnerability management solutions to enterprise clients.

CyberSecurity Non-Profit (CSNP)

CyberSecurity Non-Profit (CSNP)

CyberSecurity Non-Profit (CSNP) is a 501(c)(3) non-profit organization dedicated to promoting cybersecurity awareness and education.

IntelliGenesis

IntelliGenesis

IntelliGenesis provide comprehensive cyber, data science, analysis, and software development services that provide tailored, secure solutions for your critical data and intelligence needs.

FYEO

FYEO

FYEO is a threat monitoring and identity access management platform for consumers, enterprises and SMBs.

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

Trellix

Trellix

Trellix is an extended detection and response (XDR) solutions provider created from a merger of McAfee Enterprise and FireEye Products.

Timus Networks

Timus Networks

Timus Networks enables today's work from anywhere organizations to secure their networks very easily and cost effectively.

National Cybersecurity Agency (ACN) - Italy

National Cybersecurity Agency (ACN) - Italy

The ACN is the National Authority for Cybersecurity in Italy. the Agency promotes public-private initiatives to strengthen the national cybersecurity and resilience posture.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

Simbian

Simbian

Simbian, with its hardened TrustedLLM system, is the first to accelerate security by empowering every member of a security team from the C-Suite to frontline practitioners.

Secure Cyber Management

Secure Cyber Management

Secure Cyber Management provides industry-leading cloud security advice, guidance and services.