Ransomware and threat actors are maturing, can you afford to be left behind?
source link: https://itwire.com/guest-articles/guest-opinion/ransomware-and-threat-actors-are-maturing,-can-you-afford-to-be-left-behind.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Friday, 18 February 2022 11:10
Ransomware and threat actors are maturing, can you afford to be left behind?
By Ravi Rajendran, Cohesity vice president Asia Pacific and Japan
Cohesity vice president Asia Pacific and Japan Ravi Rajendran
GUEST OPINION: Information and security professionals face the uncomfortable and bleak reality that ransomware will only get worse in 2022: increasing in its sophistication, frequency, and volume. Ransomware continues to be aided by the consistent disruption caused by the pandemic, the adoption of new technologies that increase data generation and information sharing, and the ongoing remote working by millions who are based outside the perimeter defences of their office’s network.
The numbers paint a sobering picture, with the Australian Cyber Security Centre (ACSC) finding there was a 15% increase in ransomware cybercrime reports in 2020-21, and the average cost of ransomware doubling in the last year to over US$2.34 million, according to Sophos.
Many organisations understand the threat ransomware poses to their operational continuity. For some, it is a harder challenge to manage, often not knowing where to start or who must lead the charge, and for others, there are alternative challenges considered to be of higher priority or urgency. However, the federal government is taking greater notice, with the federal minister for Home Affairs, Karen Andrews, warning in Parliament this past fortnight, that cyber-crime poses significant challenges, to major elements of Australia’s economy, infrastructure, and financial system. Put simply, the stakes have never been higher.
To combat this increasing challenge of ransomware, CISOs and CIOs - along with their CEOs and boards - must make themselves aware of the threats facing their data and IT environments. This starts by adopting an unprecedented level of focus to find gaps that exist in their management and governance of data, so they can deploy the right strategies to comprehensively protect their technology infrastructure and the data it houses. However, the obstacle for many is how to do this without disrupting their older technology or eliminating the productivity benefits of new technology, such as cloud applications, which have been introduced since the onset of the pandemic, and without disrupting remote or flexible working.
Ransomware and cyber criminals are growing up
Ransomware continues to mature by becoming more sophisticated and targeted. Ransomware as a Service, also known as RaaS, is a relatively recent form of ransomware that is significantly increasing in presence globally. Rarely seen in Australia prior to 2021, RaaS has now become easily accessible and available to the point that malicious actors are making it available to non-technical cybercriminals. In the past fortnight, five leading cyber securities bodies – CISA, the FBI and NSA (US), Australian Cyber Security Centre (ACSC), and the UK’s NCSC – issued an advisory alert focused on ransomware and the key methods threat actors are likely to use in 2022, with RaaS a key callout.
The advisory also reveals that malicious actors are now leveraging ‘cybercriminal services for hire’, demonstrating the criminal business opportunities being generated by ransomware, to help “…negotiate payments, assist victims with making payments, and arbitrate payment disputes between themselves and other cyber criminals.” In fact, the UK’s NCSC has found “…that some ransomware threat actors offered their victims the services of a 24/7 help centre to expedite ransom payment and restoration of encrypted systems or data.”
Turbo-charge your organisation’s data protection capabilities
To combat and counter this evolving threat of ransomware, a new approach must be taken to data security. Proactively protecting against cyber threats, especially ransomware, and enhancing security postures go beyond simply improving network or endpoint security – you must focus on what the attackers seek, your data. The double blow for most organisations is that not only is ransomware becoming even trickier to handle, but many also rely on legacy data management technology which forces them to a take a ‘DIY’ approach to managing and protecting data due to having to manage multiple products from multiple vendors. This causes time sinks for already stretched IT teams. Higher costs of total ownership, is not designed to run as a part of an integrated technology environment and does not stack up against the sophisticated cyberattack techniques of today. In fact, the attack surfaces of organisations are significantly extended by this isolated and old technology, which doesn’t share common security policies or provide visibility to IT teams of irregular behaviour and potential threats present within organisations’ technology ecosystem.
The good news is that some organisations are maturing in their data protection and security approach, and as a result strengthening their overall security posture, by adopting next-gen data management platforms that align to their needs of today and are built upon capabilities that deliver simplicity at scale, zero trust security principles, AI-powered insights, and 3rd-party extensibility.
These capabilities help bring together security, data intelligence, and risk management, which all play a vital role in protecting data. The right next-gen data management technology will have immutability baked-in, and not be an afterthought, will detect anomalies via AI and machine learning, reduce data proliferation or duplication, and support an automated or rapid recovery should the worst happen. Additionally, organisations should embrace the 3-2-1 rule to data backups, ensure data is encrypted both at transit and at rest, enable multi-factor authentication, and employ zero trust principles.
Ransomware and its rapid proliferation are only going to get worse with attackers as focused as ever on stealing valuable data and extorting their victims as revealed by a warning from some of the world’s leading cybersecurity bodies. Relying on what has always been done or what has always been used will only leave your organisation in a state of regret when ransomware strikes and disrupts your operations, damages your reputation, and decreases your revenue. With ransomware attacks occurring globally almost every 10 seconds, can you afford to be left behind?
Please join our community here and become a VIP.
Subscribe to ITWIRE UPDATE Newsletter hereJOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here
PROMOTE YOUR WEBINAR ON ITWIRE
It's all about Webinars.Marketing budgets are now focused on Webinars combined with Lead Generation.
If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.
The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.
Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.
We look forward to discussing your campaign goals with you. Please click the button below.
INTRODUCING ITWIRE TV
iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.
In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.
We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.
See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK