2 minute read

THE EXPERTS SPEAK

Next Article
CONNECTING THE DOTS

CONNECTING THE DOTS

RANSOMWARE AS A SERVICE WILL CONTINUE TO BE A MAJOR AVENUE FOR RANSOMWARE OPERATORS. THIS ENABLES ATTACKERS TO USE A PLATFORM WHICH PROVIDES THE NECESSARY CODE AND INFRASTRUCTURE TO LAUNCH THEIR CAMPAIGNS. THE RAAS PROVIDER TYPICALLY TAKES A CUT OF THE RANSOM PAYMENTS MADE BY THE VICTIM, CREATING A MUTUALLY BENEFICIAL RELATIONSHIP BETWEEN THE PROVIDER AND THE ATTACKER. THIS MODEL HAS MADE IT EASIER FOR LESS TECHNICALLY PROFICIENT INDIVIDUALS TO CARRY OUT RANSOMWARE ATTACKS, AS THEY NO LONGER NEED TO HAVE THE EXPERTISE TO CREATE THEIR OWN MALWARE.

Giuseppe Brizio, CISO EMEA, Qualys

Advertisement

RANSOMWARE CONTINUES TO PLAGUE ORGANISATIONS IN 2023, AND THERE IS NO PLACE FOR A ‘IT WON’T HAPPEN TO ME’ MINDSET. LEADERS NEED TO BE THINKING OF THE WORST CASE SCENARIO AND BE PROACTIVE, NOT REACTIVE IN THEIR PLANS. UNFORTUNATELY, WHILE BACKUP SYSTEMS HAVE PROVIDED AN INSURANCE POLICY AGAINST AN ATTACK IN THE PAST, HACKERS ARE NOW TRYING TO BREACH THESE TOO. ONCE AN ATTACKER IS INSIDE AN ORGANISATION’S SYSTEMS, THEY WILL ATTEMPT TO FIND CREDENTIALS TO IMMOBILISE BACKUPS. THIS WILL MAKE IT MORE DIFFICULT, TIME CONSUMING AND POTENTIALLY EXPENSIVE TO RESTORE.

RANSOMWARE AS A TERM GENERATED A LOT OF HYPE FOR TWO REASONS: (1) THE RANSOM DEMANDS GENERALLY DEMANDED PAYMENT IN VIRTUAL “CURRENCIES” LIKE BITCOIN, WHICH HAD THEIR OWN OVER-HYPE GOING; AND (2) THERE WAS A LOT OF CONTROVERSY IF PAYING THE RANSOM WAS MORE COSTEFFECTIVE THAN RESOLVING THE PROBLEMS THAT ENABLED THE INCIDENT - ESPECIALLY WITH THAT HOPE THAT CYBER INSURANCE POLICIES WOULD COVER RANSOM PAYMENTS.

“THE GOOD NEWS ABOUT THE HYPE OVER RANSOMWARE IS THAT IT CAUSED MANY ORGANISATIONS TO AT LEAST ADDRESS THE NEED FOR BACKUP SYSTEMS, BUT ALSO FOR REACHING ESSENTIAL LEVELS OF SECURITY HYGIENE. THE OTHER GOOD NEWS IS IT TURNED OUT THAT CYBER INSURANCE POLICIES DID NOT TRANSFER LIABILITY FOR INCIDENT COSTS, OR EVEN CAP COSTS. AT BEST, SOME SMALL PERCENTAGE OF THE INCIDENT COST WAS REIMBURSED, AFTER MUCH HAGGLING. I THINK THE BIGGEST TREND WILL BE THE DEMISE OF THE TERM “RANSOMWARE.

John Pescatore, Director of Emerging Security Trends, SANS Institute

2022 SAW THE FIRST DECLINE IN RANSOMWARE ATTACKS AND EARLY 2023 DATA SHOWS THAT A CONTINUING SLOW DOWNWARD TREND. IF YOU LOOK AT THE PROBLEM FROM A RANSOMWARE OPERATOR’S PERSPECTIVE, THE ENTIRE PROCESS FROM RECONNAISSANCE TO INITIAL INFILTRATION TO ENTERPRISEWIDE SOFTWARE DEPLOYMENT AND DATA ENCRYPTION IS A TIME CONSUMING AND FRUSTRATING PROCESS. ANYONE WHO HAS EVER WORKED IN DESKTOP AND SERVER MANAGEMENT WILL TELL YOU HOW HARD IT IS TO RUN A SOFTWARE DEPLOYMENT PROJECT, EVEN WHEN YOU ARE THE LEGITIMATE ADMINISTRATOR OF THOSE SYSTEMS! WHAT IS IMPORTANT TO REALISE IS THAT THESE CRIMINALS ANALYZE THEIR TIME INVESTMENT LIKE ANY OTHER RATIONAL BUSINESS OWNER. IF THERE ARE MORE EFFICIENT WAYS TO MAKE MONEY, THEN THEY WILL FIND THOSE.

The

Di gi t al Insights offers SOC as a Serv i ce, which allows yo ur organization to set up a comp l ete 24 x7 security o p e rations center (SOC365) function at a significantly lower cost than constructing an in- hou s e SO C. O u r t e am help s you detect, analyz e, in vestig ate , validate, a nd respond to threats using right mix o f people, s kills, pr ocesses, and technology.

SOC365 security exp erts look for cybersecurity t hreats by monitoring your logs, cloud e nvironments, d evices, s ystem s and network. In addition to con stant m o nitoring, we detect and investigate cyberattacks ac ros s your entire organisation.

In an event of intrusion /a ttack, o ur SOC team will p rovide incident response immediately and will support yo ur internal IT o r security team to be gi n remediation.

C o mplete IT C ompliance & Security Ma na gem ent in a Sin gle Pane of Glass for PCI DSS, I S O 27001, HIPAA, a nd SOC 2.

Rapid on-boarding and deploymen t provides immediate c y b e r threat protection.

More articles from this publication:
This article is from:

50 CHANGE MAKERS