Cloud security firm Ermetic found that vulnerable identities and misconfigured environments on most AWS accounts expose 90% of S3 buckets to potential ransomware attacks.
It has been discovered that the FBI quietly held on to the Kaseya decryption key for three weeks prior to making it available to the public in a bid to "disrupt" the attack.
Ransomware attacks have been a highlight of mainstream media. By taking a preventative approach, businesses can deploy a combination of education, processes, hardware and software to detect, combat and recover from attacks if they were to arise.
Why “Ransomware Insurance” Causes Healthcare Industry to Overlook Deeper, Underlying Security Issues
For the healthcare sector where 34% of all organizations were hit by ransomware last year, cyber insurance may seem like a good investment. However, this may give many organizations a false sense of security.
Most ransomware attacks begin with some combination of phishing and social engineering. An enterprising ransomware gang in Nigeria appears to be skipping this messy step, simply making a direct pitch to employees to join in on the attack.
The only way to keep a company’s defense up-to-date against ransomware attacks is with constant proactive activity from well-engineered cybersecurity teams.
Far from sensationalizing ransomware attacks, our response should be to return to the basics of cybersecurity. This requires a converged IT-OT security strategy to limit damage and protect valuable assets.
Ransomware has quickly grown from an annoyance to a life-threatening problem plaguing organizations in all industries. Organizations should address the two most common attack vectors, open RDP on the internet and the human factor.
Hackers timed a supply chain attack to hit when IT workers were off duty. An attack on MSPs making use of Kaseya products is thought to have compromised at least 200 of that company's clients.
Remote Browser Isolation (RBI) is an emerging technology that has been constantly evolving and has come of age as a solution to stop ransomware attacks, including double extortion.