The first article focuses on understanding more about recent attacks, how hackers are innovating, and laying the foundations for preparedness. As attacks become increasingly innovative, traditional defences are being left wanting. Recent attacks such as REviL have seen hackers manually controlling the operation instead of relying on viruses working on their own accord.
Even organisations with credible cyber security solutions in place have been successfully targeted by sophisticated hackers. Remote desktop protocols (RDP) with configuration loopholes are a particular weakness, as are poor disciplines in identity and access management (IAM). Data and passwords stored on the dark web are also being used by criminals to gain access to devices or core infrastructure.
As in any battle, conflict or even competitive sport, knowing your enemy is another vital step in winning the fight against ransomware attackers. Having gained access to a corporate network, hackers then seek out the valuable data and attempt to prevent access to endpoints, cloud applications and backups. The data is then wiped, encrypted and used for extortion purposes and even to publish data if the ransom payment is not made.
Worse still, it can take up to five days for an organisation to even realise the attack is in progress. From the first penetration of the system, hackers can embed the ransomware silently and have it take hold before IT teams are even aware of a problem. By using this approach, hackers can maximise the chances of success, and the chances of at least some of the ransom being paid.
Sadly, the sophistication of ransom attacks now means it’s more a case of 'when' not 'if' that UK organisations will experience some kind of attack. Preparation for incidents should be well thought out, and solid plans implemented to prevent and detect attacks. Should the worst happen, it’s important to have contingency strategies in place to respond and recover your systems and/or data in the shortest time possible.
The key question will ultimately be will the ransom be paid? This will be an executive level business decision with input from security and legal experts. The balance will be based on the impact, severity and implications of doing so or not doing so, but the reality is that almost 50% of companies have paid out the ransom.
👀 In the next in our series of articles (watch this space!), we’ll look at backup and recovery in the context of ransomware attacks.
Monthly expert guidance from the South West Cyber Resilience Centre.
Keep your organisation safe, agile, growth-ready and prepared for whatever comes next.
Facing high data ingestion costs, on-prem only or lacking actionable insights?
The what, how and why of NGFWs for your organisation
Key things to consider when protecting your business
Security best practices, threat management, security operations, tooling and privacy
How to spot and prevent hacking attempts
SWCRC's top tips to secure your organisation
8 sponsors | 4 expert speakers | 2 days, 200 security professionals | 2 evenings = 200+ channel partners
The latest threat intelligence and actionable insights
Assess, analyse and leverage data to protect and secure infrastructure
Things to consider if you are a victim of a ransomware attack
What it can actually do for SOCs and the wider business
How traditional silos can be a threat - and how to prevent it
Key considerations when selecting your SIEM solution
Why distribution hold the key
Reduce the risks to critical infrastructure whilst maintaining customer data confidentiality
Free API security assessment
Prepare for the rising threat of RaaS, initial access brokers, and credential theft
The MYREDFORT Community's own in-person networking and hospitality events to coincide with InfoSecurity Europe.
SouthWest Cyber Resilience Centre, The Hacking Games & CISOs from Apex Group & Nielsen IQ
Don't let a lack of communication gives fraudsters the advantage
How to build a strategic defence against human error across your organisation
Here's 6 ways to become a cyber guardian!
Top 10 tips to get the most from networking events
Actionable and contextualised intelligence from Blackberry to increase your cyber resilience.
Monthly expert guidance from the South West Cyber Resilience Centre.
Game-changing cybersecurity defence strategies.
Get your FREE police-backed cyber security advice for SMBs.
This month's expert guidance from the police-backed South West Cyber Resilience Centre.
How to deploy a comprehensive multi-cloud threat hunting strategy.
Barracuda executives give their inside take on the year ahead.
An expert's view on the state of cyber risk.
Monthly expert guidance from the South West Cyber Resilience Centre.
Prepare for the worst in the event of a cyber attack: Customise your incident response plan
Monthly expert guidance from the South West Cyber Resilience Centre.
70% increase in unique malware among other threats
Monthly expert guidance from the South West Cyber Resilience Centre.
Prevention is better than cure with ransomware attacks
Monthly expert guidance from the South West Cyber Resilience Centre.
Monthly expert guidance from the South West Cyber Resilience Centre.
Recorded webinar
How can cybersecurity and IT operations leaders adjust? Find out in this live webinar
CyberCatch have it covered!
Mastercard cybersecurity solutions protect the people, transactions and devices that power businesses
The top three security risks that could be lurking in Power Platform.
Best practices: Improve your business cyber defenses for cyber insurability
Expert ransomware market insights for 2023
Explore the most comprehensive, industry-leading solutions to help you protect everything.
How a web application firewall helps.
Join a live webinar on 23 February to see how to use data to prove value and bolster performance.
Security tips you can put into action today.
Six key trends to look out for - and adapt.
Zurich CEO issues warning.
With 2/5 of UK SMEs being hit, what's the attraction?
How Acronis helps manage a constantly evolving threat landscape.
Keeping users safe from heightened threats.
Protect it against ransomware and other threats.
Smaller companies can be softer targets
£25,000 cover with Cyber Essentials
Implementing a framework-based mindset
Identify your risks and vulnerabilities
Essential viewing to protect yourself from cyber crime this year
Supported by the Home Office, Policing and Ambassador partners
Share this story
We're a community where IT security buyers can engage on their own terms.
We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.