Security

The 4-1-1 on the Threat of Modern Ransomware Attacks

JUN 28, 2021

The already colossal menace of ransomware is now on its way to becoming the biggest complication for businesses on the internet. As of late, it’s been in more headlines than ever, and the White House has even sent communications to business leaders and corporate executives urging them to take actions that protect against the threat.

Vice President and CISO Bryan Kissinger, PhD. leads Trace3’s team of professional security advisors who are all focused on solving the complex security challenges our clients face, as well as manages Trace3’s internal security program. Kissinger provides his expertise and thoughts about the core issues of today’s ransomware attacks, and why this is such a monumental issue for businesses and organizations.

What is ransomware?

Ransomware is a type of malware that seizes and encrypts a victim’s data/system, holds it inaccessible and demands a payment be fulfilled in order to unencrypt or release the data/system.

Why does ransomware attack data specifically?

Almost all organizations rely on data they collect, store, or transmit to function as an efficient and competitive enterprise. The confidentiality, availability, and integrity of this data is paramount to maintaining public trust and reputation, as well as, in some cases, demonstrating compliance with local, state, and federal regulations. Many companies consider the data they possess to be the most valuable asset they own. As such, securing that data, and the information systems that process it, is vitally important and requires full-time attention. Securing data is so important because organizations rely on data to be successful. If that data is comprised or rendered unusable, the very livelihood of the business could be in jeopardy, making data the most desirable asset to seize and encrypt.

What’s happening now in 2021 compared to our recent history?

Statistics reveal that cyber-attacks are at an all-time high, with nation states, organized criminal enterprises, and disgruntled employees all seeking to steal sensitive information, disrupt technology infrastructure, and monetize malicious activity. Ransomware attacks are up over 300% in the past year and those attacks, when successful, have crippled organizations’ operational capabilities, destroyed data sets, and cost organizations billions in recovery. Financial, reputational, and regulatory implications all necessitate that an organization invest in cybersecurity programs that focus on protecting sensitive information and systems. Some experts predict we haven’t seen the worst of these attacks yet.

Who is at risk for an attack?

All organizations are potential targets for cyber-attacks. We’ve seen recent attacks in the headlines on huge, global enterprises. Fortunately for smaller companies, they are often less attractive focuses because they lack deep pockets to pay ransoms or don’t have the volume of intellectual property or sensitive information that a larger organization might be charged with protecting. That doesn’t mean smaller organizations can ignore security protections, only that they have not yet been the target of most attackers.

What’s available for both large and small companies as protection against a ransomware attack?

Most security manufactures are making their solutions available for large and small companies and price them according to the number of users and/or devices their technology is protecting. Any organization without the staff or experience to manage their own security programs, can find great value in a managed security service provider (MSSP) that can take the monitoring and response efforts from internal employees. These managed services can be quite affordable for organizations, often costing only the amount of having 1-2 full-time security professionals on the team. Remember, you can outsource some or all this responsibility, but you as the data owner and keeper of your customer’s trust, will be ultimately accountable for any breaches. All organizations should take the time right now to prioritize some, or additional, IT funding to protecting at least a subset of their environment where the risk is highest.

Is there a way to fully protect a company against a ransomware attack?

The sad truth is that no organization, of any size, or with enough spend can cover all security vectors or eliminate risk completely. It’s not possible. Organizations of all sizes should first focus on the basics like encrypting mobile devices, installing anti-virus or endpoint detection and response technologies, encrypting key data stores, and using encrypted email solutions for sending and receiving sensitive information. Since phishing remains the most viable attack vector, an anti-phishing solution may eliminate a large majority of risk from email and browser-based social engineering attacks.

Bryan Kissinger, PhD.| Vice President, CISO | TRACE3

Bryan Kissinger, PhD. is an information security product and services leader focused on delivering technology-enabled solutions for complex business environments. Kissinger leads a team of professional security advisors focused on solving complex client security challenges, as well as managing Trace3’s internal security program. He’s a published author and public speaker known as an emerging technology advocate and designer of right-sized corporate IT and security programs.

https://trace3.com/expertise/security

Leave a Reply

Your email address will not be published. Required fields are marked *