Hyland 160x1200

Hyland 160x1200

Hyland 705x108

Friday, 11 June 2021 10:04

Why ransomware attacks are increasing, and what measures can companies implement to secure their data?

By

More companies are becoming prey and victims of ransomware attacks. Research firm and security company Forrester gives advice to companies on how to thwart threats.

AXA Asia, FujiFilm, New York City’s transit system (MTA), and meatpacking company JBS are among the companies that recently joined SolarWinds and Colonial Pipeline as victims of ransomware attacks.

With the spate of attacks, research firm and security company Forrester asks: Why do ransomware attacks seem to be on the increase? How do attackers evade detection? And what measures can companies take to deter hackers or stay safe?

Steve Turner, Forrester analyst, provides the following comments on why ransomware attacks happen:

“These attacks are accelerating because they are lucrative for the attackers. They cost them virtually nothing to execute compared to the sometimes double pay day they receive by holding companies hostage and then threatening to leak the data they stole. Plus, these organisations have ephemeral infrastructure, which means that what they are using can quickly be stood up and torn down, or are running RaaS, Ransomware-As-A-Service, where they have got a lot of affiliates that are actually executing the attacks.”

“Companies are rarely prepared because they may not have touched or tested their incident response plan since it was created. A lot of companies have not run tabletop exercises that include folks outside of their IT/security teams simulating a ransomware attack. We need to increase our preparedness on both of these fronts.”

“Critical infrastructure is an easy target because attackers feel like they’ve backed those companies into a corner and they do not have any choice, but to pay the ransom. Until there’s requirements or penalties for companies in these critical sectors, they will continue paying the ransom and ransomware operators will continue to target them.”

Turner offers six-point advice on best practices to thwart attacks:

1. If the company doesn’t have a robust backup and data storage strategy, that should be priority #1. Identify where all your critical data sits and back it up regularly to somewhere where it can be stored disconnected from the company’s network. Test restoring those backups to ensure your whole strategy works end to end.

2. Security hygiene is key to helping prevent and ultimately contain ransomware. Companies should be patching their systems and apps on at least a monthly basis if not more regularly. Prioritise systems and apps that are connected directly to the internet.

3. Multifactor has been something that we still see that is not turned on within environments, yet it’s one of the best security controls you can utilize to stop an attacker dead in their tracks. While we know it’s not something easy, it is paramount that companies try to centralize their identity systems and require multifactor where possible.

4. Secure privileged accounts immediately and require multifactor. Make sure to include admin accounts that are used to manage your cloud environments as well.

5. Ensure to have an endpoint protection deployed to all of your computers and servers. Make sure that it is turned on, updated, and working. Most companies can get a health check from their endpoint protection vendor for free, take advantage of that.

6. Put a plan in place to move towards Zero Trust, this can be in bits in pieces by implementing least privilege, segmenting critical pieces of your network, or even by starting to implement multifactor.

Read 2154 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Kenn Anthony Mendoza

Kenn Anthony Mendoza is the newest member of the iTWire team. Kenn is also a contributing writer for South China Morning Post Style, and has written stories on Korean entertainment, Asian and European royalty, Millionaires and Billionaires, and LGBTQIA+ issues. He has been published in Philippine newspapers, magazines, and online sites: Tatler PhilippinesManila BulletinCNN Philippines LifePhilippine StarManila Times, and The Daily Tribune. Kenn now covers all aspects of technology news for iTWire.com.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments