Dealing with the rising threat of ransomware attacks
37031
post-template-default,single,single-post,postid-37031,single-format-standard,bridge-core-3.1.3,qode-page-transition-enabled,ajax_fade,page_not_loaded,, vertical_menu_transparency vertical_menu_transparency_on,qode_grid_1300,qode-child-theme-ver-1.0.0,qode-theme-ver-30.2,qode-theme-bridge,wpb-js-composer js-comp-ver-7.3,vc_responsive
 

Dealing with the rising threat of ransomware attacks

Ai Editorial
Home > Editorials  > Payment & Fraud Editorials  > Dealing with the rising threat of ransomware attacks

25th September 2023

The recent cyberattacks, including the one featuring MGM Resorts, are highlighting a growing concern for data security. Ransomware attacks are on the rise and are termed as an evolving threat.

The team at Spycloud states that many organizations may be more vulnerable than they realise. They are behind in terms of having adequate visibility into authentication data that has been exfiltrated from unmanaged, undermanaged, and third-party devices, and be aware of which users and corporate applications have been exposed. According to SpyCloud‘s recent analysis, Of 1,831 North American and European companies victimized by ransomware in 2023, 22% had at least one infostealer infection prior to being attacked.

Dealing with threat at various stages

An organisation can act in time only if they become aware of threats. One of the ways is to act as early as possible when a threat emerges. Companies have to ensure they are protecting their data on any device, app and location, looking at aspects like geo-location anomaly (the first indication of a threat resulting from a compromised user account), regular assessments (activity anomalies, attempted malware infestation) etc, security team being on alert, and real-time automated action. The efficacy of security policies also comes into the play. Lookout

Being aware of vulnerabilities

Evaluating the tactics of cybercriminals, Black Kite shared that common ransomware indicators among victims include “poor email configuration, recent credential leaks, public remote access ports, out-of-date systems, and IP addresses with botnet activity”. Also, in one of its reports, the company mentioned that encryption-less ransomware is on the rise, underscoring the importance of data protection and regulatory compliance in addition to addressing business interruption risks posed by traditional encryption-based attacks. Other than keeping a vigil on email security configurations, phishing/fraudulent domains etc., the company recommends that it has to be ensured that all systems, applications, and software are up-to-date with the latest patches, focusing on those with known remote code execution vulnerabilities, and focus on strong authentication methods like multi-factor authentication. Also, important to check audits of vendors’ security practices since the third-party vendors are often an organisation’s security weak point.

By Ritesh Gupta, Ai Events

Follow us:
 



Share

Cookies

This site uses cookies: Find out more.