HOW SHOULD
BUSINESSES AND
ENTERPRISES
APPROACH
RANSOMWARE
PREVENTION?
V
ectra, a leader
in network threat
detection and
response (NDR),
has disclosed that
cybercriminals’
most effective
weapon in a ransomware attack is
the network itself, which enables the
malicious encryption of shared files on
network servers, especially files stored
in Infrastructure-as-a-Service (IaaS)
cloud providers.
Attackers can easily evade network
perimeter security and perform internal
reconnaissance to locate and encrypt
shared network files. By encrypting files
that are accessed by many business
applications across the network,
attackers achieve an economy of scale
faster and far more damaging than
encrypting files on individual devices.
cybercriminals like ransomware’s clean,
no-fuss business model.
“Our research indicates that 53%
of organisations say they have a
‘problematic shortage’ of cybersecurity
skills today and the ramifications of
it are very evident with fast-moving
ransomware attacks,” said Jon Oltsik,
Senior Principal Analyst at the Enterprise
Strategy Group.
According to the Vectra 2019 Spotlight
Report on Ransomware, recent
ransomware attacks cast a wider net
to ensnare cloud, data centre and
enterprise infrastructures.
Cybercriminals target organisations that
are most likely to pay larger ransoms
to regain access to files encrypted by
ransomware. The cost of downtime
due to operational paralysis, the
inability to recover backed-up data and
reputational damage are particularly
catastrophic for organisations that store
their data in the cloud.
“The fallout from ransomware attacks
against cloud service providers is far
more devastating when the business
systems of every cloud-hosted customer
are encrypted,” said Chris Morales,
Head of Security Analytics at Vectra.
www.intelligentciso.com
|
Issue 18
“Today’s targeted ransomware
attacks are an efficient, premeditated
criminal threat with a rapid close and
no middleman.”
Ransomware is a fast and easy attack
with a bigger payout than stealing
and selling credit cards or personally
identifiable information (PII), both of
which have perishable values as time
passes after their theft.
Factor-in cryptocurrency as the ransom
payment – an anonymous, hard-to-trace
currency – and it’s easy to see why
“The industry simply doesn’t have
enough trained security folks scanning
systems, threat hunting or responding
to incidents. This Spotlight Report offers
important insights into the weoponisation,
the shift from opportunistic to targeted
attacks and the industries targeted by
ransomware that can help organisations
be better prepared.”
The 2019 Spotlight Report on
Ransomware is based on observations
and data from the 2019 Black Hat
Edition of the Attacker Behavior Industry
Report, which reveals behaviours and
trends in networks from a sample of
more than 350 opt-in Vectra customers.
27