Ransomware’s evolving all the time, but here are some issues to address now to mitigate the impact of the next ransomware wave.
In 2020, there was a successful ransomware attack every eight minutes. That means that every time you boil an egg, another organization just fell victim to ransomware. With the ongoing scourge of ransomware only growing more voracious by the day, we can expect to see more high-impact attacks; 78% of companies anticipate another SolarWinds-style supply chain attack. But are organizations prepared to defend against increasingly nuanced threats?
The news headlines argue that not all are. Look no further than the recent ransomware attack on IT solutions developer Kaseya. This attack is the latest example of how security vulnerabilities continue to come from the most unexpected places. So what questions should organizations be asking themselves and what steps should they be taking now to mitigate the impact of the next wave of ransomware? Here’s where you can start.
Ask Yourself, “Can We Effectively Defend Against a Ransomware Attack?” Organizations should begin by understanding their current posture. Start with a threat hunting exercise to evaluate the various avenues of ransomware compromise and the strength of your defenses. Like all attacks, hackers need an entry point to carry out ransomware campaigns. Whether it’s through unpatched systems, compromised credentials, spear-phishing, or a compromised vendor, the attacker must get an initial foothold into your environment. The threat hunt will show gaps that could be leveraged as an entry point across the attack surfaces. In addition, your assessment should address system redundancy and backups retained for critical business data.