The relentless march to the cloud is good news for CIOs concerned about ransomware. And once most enterprises have most of their infrastructure there, ransomware attacks will become an occasional annoyance, not a catastrophic disaster.
Olympus suffered a second cyber attack on their Americas operation a month after a suspected ransomware incident shut down its EMEA networks. The cyber attack affected the U.S., Canada, and Latin America.
Cloud security firm Ermetic found that vulnerable identities and misconfigured environments on most AWS accounts expose 90% of S3 buckets to potential ransomware attacks.
It has been discovered that the FBI quietly held on to the Kaseya decryption key for three weeks prior to making it available to the public in a bid to "disrupt" the attack.
Ransomware attacks have been a highlight of mainstream media. By taking a preventative approach, businesses can deploy a combination of education, processes, hardware and software to detect, combat and recover from attacks if they were to arise.
Why “Ransomware Insurance” Causes Healthcare Industry to Overlook Deeper, Underlying Security Issues
For the healthcare sector where 34% of all organizations were hit by ransomware last year, cyber insurance may seem like a good investment. However, this may give many organizations a false sense of security.
Most ransomware attacks begin with some combination of phishing and social engineering. An enterprising ransomware gang in Nigeria appears to be skipping this messy step, simply making a direct pitch to employees to join in on the attack.
The only way to keep a company’s defense up-to-date against ransomware attacks is with constant proactive activity from well-engineered cybersecurity teams.
Far from sensationalizing ransomware attacks, our response should be to return to the basics of cybersecurity. This requires a converged IT-OT security strategy to limit damage and protect valuable assets.
Ransomware has quickly grown from an annoyance to a life-threatening problem plaguing organizations in all industries. Organizations should address the two most common attack vectors, open RDP on the internet and the human factor.
