Virtualization Technology News and Information
Article
RSS
Cybersecurity Experts Comment on Anti-Ransomware Day

ransomware 

Anti-Ransomware Day reminds organizations to keep themselves safe against ransomware. With a ransomware attack taking place every 19 seconds, organizations must ask themselves: are we prepared? 

Ransomware can exfiltrate data and bring business operations to a halt, leading to financial, reputational, and personal loss. As adversarial tactics become increasingly advanced, security teams need sufficient resources to safeguard their networks and protect against such attacks. Read below for expert insight into how businesses can protect themselves this Anti-Ransomware Day.

Christopher Rogers, technology evangelist at Zerto, a Hewlett-Packard Enterprise company

"Anti-Ransomware Day falling on the anniversary of the infamous 2017 WannaCry attack is a stark reminder of just how devastating sophisticated cyber attacks can be. Infecting more than 300,000 computers across 150 countries and costing the global economy approximately $4 billion, it is unquestionably one of the most significant ransomware attacks the world has ever seen. 

"Thankfully, since the end of 2017 (which was also the year of NotPetya) we have not endured an attack on a similar scale. However, ransomware is far from a waning threat; in fact, it's only just entering its ‘golden age'. Recent research has demonstrated that last year 61% of disaster recovery responses were triggered due to ransomware and it took businesses an average of 21 days to recover. 

"So, with ransomware only increasing in frequency and sophistication, prevention and recovery methods are no longer enough. It's time to embrace resilience. According to Gartner, "isolated recovery environments (IREs) with immutable data vaults (IDVs) provide the highest level of security and recovery against insider threats, ransomware, and other forms of hacking". This means organisations need to be investing in technology such as isolated and air-gapped vaults that provide the means to protect, detect, and recover from ransomware attacks in any environment. 

"In 2023, the threat of ransomware is not an ‘if', it's a ‘when'. By taking advantage of the right technology and embracing resilience, organizations can ensure that when an attack occurs the damage and downtime are a fraction of what they could be."

++

Randeep Gill, Principal Cybersecurity Strategy, Exabeam

"There was a time when endpoint technology stood relatively strong in two key areas. On the one hand, the traditional anti-virus/malware agent served as a stand-alone protector against recognized threats by drawing attention to unusual activity and lowering noise. On the server side, endpoint technologies' application control helped determine what should be running, how it should be running, and by whom.  

Unfortunately, endpoint detection and response (EDR) solutions, which were initially designed to identify behavior and were utilized for forensic examination by analysts, also have a high susceptibility to exploitation themselves.If an adversary were to take advantage of an EDR tool, they would have access to variety of an organization's telemetry, including user and identity authentication, access to files, system variables and key business applications. All of which increases the scope through which ransomware can be deployed.

On Anti-Ransomware Day, I wanted to remind enterprises to go beyond just EDR solutions to improve security posture and mitigate the risk of a ransomware attack. Security teams need complete and holistic visibility across any environment - which includes, but is not limited to, endpoint logs. In order to paint a full picture, CISOs and their security teams must be able to monitor user and device behavior across the whole network to distinguish between normal and anomalous behavior."

++

Justin McCarthy, CTO and co-founder, StrongDM 

"Anti-Ransomware Day is a great reminder of the importance of regularly examining identity and access management practices. After all, before ransomware can get disseminated, an adversary has to gain initial access into a network. With Verizon reporting that 61% of all security breaches involve the exploitation of credentials, and StrongDM reporting that 55% of organizations maintain backdoor access to infrastructure, it's very likely a majority of ransomware incidents are spurred by poor access management practices. 

With as distributed as our world has become, it's imperative that executives and IT teams consider applying the principle of least privilege (PoLP) and take a zero-standing privilege approach. Doing so ensures that credentials only exist in the moments they're needed, that every action is secure and auditable, and that credentials are essentially removed from the equation entirely. By limiting access as much as possible, organizations will reduce their attack surface and help mitigate the risk of ransomware." 

++

Arti Raman, Founder and CEO, Titaniam

"Protecting data from the threat of ransomware remains a priority for CISOs and cybersecurity professionals. This Anti-Ransomware Day, we must practice proper cyber hygiene, by adding data security in the form of encryption, not only at rest and in transit but also in use. Encryption and other in use controls such as tokenization dramatically decrease red blast radius from ransomware attacks since they make stolen data unusable for extortion. 

Despite a decrease in ransomware attacks in 2022, in 2023, there have been more advanced ransomware strains that are a larger concern due to newly developed double extortion techniques. We can combat these attacks by investing in encryption-in-use that stays in place even if bad actors get their hands on valuable data therefore making it illegible and unusable as a source of leverage. 

Threat actors used to extort data by accessing data from large repositories and also backed-up information. Now, new forms of ransomware can exploit VPN vulnerabilities and garner continuous access to proprietary information. Organizations must invest in proactive data security controls to counter this threat."

++

Aaron Sandeen, CEO and co-founder, Securin

"Anti-Ransomware Day serves as a reminder of the looming threat of ransomware and how enterprise leaders need to be aware of cyber threats to keep their business safe. Ransomware attacks have continued to terrorize enterprises since the 2017 WannaCry attacks by the Lazarus group. In 2022 alone, IBM reported an average ransom payment of $812,360, with the total cost of a ransomware attack on an enterprise being $4.5 million on average.

To combat this ever-present threat, organizations need to prioritize the detection and prevention of threats over recovery. Implementing strong security measures across the board, from patching software to employee training, all play a pivotal role in ensuring a strong security posture. Enterprises can eventually recover from a ransomware attack, however, prevention is the ultimate goal for a proactive cybersecurity strategy."

Stay informed and take proactive measures to safeguard your organization by leveraging Securin's ransomware knowledge and expertise."

##

Published Friday, May 12, 2023 11:34 AM by David Marshall
Filed under: , ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<May 2023>
SuMoTuWeThFrSa
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910