Friday, 11 June 2021 10:04

Why ransomware attacks are increasing, and what measures can companies implement to secure their data?

By

More companies are becoming prey and victims of ransomware attacks. Research firm and security company Forrester gives advice to companies on how to thwart threats.

AXA Asia, FujiFilm, New York City’s transit system (MTA), and meatpacking company JBS are among the companies that recently joined SolarWinds and Colonial Pipeline as victims of ransomware attacks.

With the spate of attacks, research firm and security company Forrester asks: Why do ransomware attacks seem to be on the increase? How do attackers evade detection? And what measures can companies take to deter hackers or stay safe?

Steve Turner, Forrester analyst, provides the following comments on why ransomware attacks happen:

“These attacks are accelerating because they are lucrative for the attackers. They cost them virtually nothing to execute compared to the sometimes double pay day they receive by holding companies hostage and then threatening to leak the data they stole. Plus, these organisations have ephemeral infrastructure, which means that what they are using can quickly be stood up and torn down, or are running RaaS, Ransomware-As-A-Service, where they have got a lot of affiliates that are actually executing the attacks.”

“Companies are rarely prepared because they may not have touched or tested their incident response plan since it was created. A lot of companies have not run tabletop exercises that include folks outside of their IT/security teams simulating a ransomware attack. We need to increase our preparedness on both of these fronts.”

“Critical infrastructure is an easy target because attackers feel like they’ve backed those companies into a corner and they do not have any choice, but to pay the ransom. Until there’s requirements or penalties for companies in these critical sectors, they will continue paying the ransom and ransomware operators will continue to target them.”

Turner offers six-point advice on best practices to thwart attacks:

1. If the company doesn’t have a robust backup and data storage strategy, that should be priority #1. Identify where all your critical data sits and back it up regularly to somewhere where it can be stored disconnected from the company’s network. Test restoring those backups to ensure your whole strategy works end to end.

2. Security hygiene is key to helping prevent and ultimately contain ransomware. Companies should be patching their systems and apps on at least a monthly basis if not more regularly. Prioritise systems and apps that are connected directly to the internet.

3. Multifactor has been something that we still see that is not turned on within environments, yet it’s one of the best security controls you can utilize to stop an attacker dead in their tracks. While we know it’s not something easy, it is paramount that companies try to centralize their identity systems and require multifactor where possible.

4. Secure privileged accounts immediately and require multifactor. Make sure to include admin accounts that are used to manage your cloud environments as well.

5. Ensure to have an endpoint protection deployed to all of your computers and servers. Make sure that it is turned on, updated, and working. Most companies can get a health check from their endpoint protection vendor for free, take advantage of that.

6. Put a plan in place to move towards Zero Trust, this can be in bits in pieces by implementing least privilege, segmenting critical pieces of your network, or even by starting to implement multifactor.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Kenn Anthony Mendoza

Kenn Anthony Mendoza is the newest member of the iTWire team. Kenn is also a contributing writer for South China Morning Post Style, and has written stories on Korean entertainment, Asian and European royalty, Millionaires and Billionaires, and LGBTQIA+ issues. He has been published in Philippine newspapers, magazines, and online sites: Tatler PhilippinesManila BulletinCNN Philippines LifePhilippine StarManila Times, and The Daily Tribune. Kenn now covers all aspects of technology news for iTWire.com.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments