4 minute read
Ransomware Groups Are Taking
RANSOMWARE GROUPS ARE TAKING ADVANTAGE OF TODAY'S REMOTE WORKING CONDITIONS
John Shier, the Sr. Research Scientist at Sophos, speaks about how ransomware has evolved during the pandemic period
Advertisement
How has the security threat landscape evolved over the past few months?
Ransomware groups have continued to plague organizations both large and small in their bid to extort as much money as possible out of their victims.
As the cybercrime ecosystem has diversified into specialized operators, each doing their best to grow their stake, we have seen increased activity across all aspects of cybercrime.
Cybercriminals not only continue to take advantage of the pandemic by using it as a pretext for their phishing and scamming campaigns, but we have also seen attacks against remote infrastructure and supply chain compromises affecting thousands of businesses at once.
While there was some good news this year, namely the shutting down of the billion-dollar Emotet botnet, the sad reality is that other criminal enterprises are all too ready to fill the vacuum left behind.
What sort of security challenges are people facing when working from home and how is your company equipped to handle those challenges?
One challenge is that some of the systems and tools organizations were using were not as effective in a remote working scenario as they were in-house.
For example, systems monitoring, and patching issues were exacerbated when offices were inaccessible. Some businesses found it difficult to provide connectivity while others were not prepared to shift to remote working seamlessly.
All these reasons, and more, meant that some businesses were taking temporary shortcuts to enable remote working which led to a worsening of their security posture. by not only providing organizations with industry-leading, cloud-native protection products but also making investments in ever more capable AI systems to help security teams be both more effective and proactive, launching products that enable organizations to embrace Zero Trust, and providing help for organizations who lack dedicated security teams through our Managed Threat Response team.
How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?
During the pandemic we have seen continued growth in the social extortion side of ransomware. Most highly skilled ransomware groups have adopted the encrypt and leak extortion scheme pioneered by the Maze group in 2019 and some are even considering an exfiltration only model.
Some ransomware groups have also taken advantage of the pandemic’s remote working conditions to cripple certain organizations, notably educational institutions who rely on remote learning. Overall, there have been less victims in 2020 but the lower volume has been offset by ever more damaging attacks and much higher ransom demands.
How can companies overcome digital security and privacy challenges?
There is no simple answer to this question. It really comes down to understanding the individual requirements of each company and the goods or services they provide. It all starts with an honest appraisal of the current situation within a company.
From there, the business must design a robust security architecture that takes company stakeholders, including business leaders, employees, business partners, and customers in mind.
As for privacy, the simple answer is that businesses should only collect as much data as is necessary to deliver the good or service and secure those data in accordance with current best practices.
Do you believe companies today have accelerated their digital transformation initiatives?
Some companies have certainly taken advantage of the pandemic to augment or accelerate their digital transformation plans. Notably, this has meant that more companies have begun adopting a Zero Trust approach to cybersecurity. Not only is Zero Trust more conducive to remote working but it also provides better overall security.
What are the cybersecurity trends for 2021?
Full remote and hybrid working will continue indefinitely, which means businesses will need to formalize their security strategy so that it matches the current operating environment. As such, many organizations will look at making investments in approaches like Zero Trust. On the threat side, all we can say is that criminals will continue to use whatever dirty tricks still work and develop new strategies that attempt to subvert whatever new security mitigations get in their way.
What are the key factors to consider to make sure digital economies of today are secured?
We need to ensure that we have a transparent understanding of how much of our data is collected, how it will be protected, and how it will be used, with a goal to minimizing collection and sharing, while maximizing protection.
We need to evaluate the current state of security critically and honestly in our respective organizations, work to immediately resolve the largest problems, and incrementally improve in all areas of concern. Much like the current pandemic, if we cannot collectively improve our digital immune system by making attacks more costly and cybercrime less profitable, we will forever be plagued by it.
