Since the start of the health crisis, ransomware attacks have continued to increase around the world, sparing no organization or industry profile. Last June, the United States even elevated the threat of ransomware to the same priority as terrorism, following the Colonial Pipeline hack and increased damage from cybercriminals.
Therefore, cyber resilience is becoming a necessity. But as organizations move to protect themselves from threats, cybercriminals are breaking down new barriers and developing increasingly sophisticated approaches. This cat and mouse game has been around for over twenty years. However, we must be careful not to allow ourselves to be irretrievably overcome.
Backup and restore in the crosshairs
Ransomware originally consisted of encrypting production data and demanding a ransom to obtain the decryption key. It was a fairly straightforward transactional process. But in recent years, the attacks have evolved and seek to directly delete the backup files. It’s hard not to give in to the pressure to pay the ransom when your data is encrypted and your backups destroyed …
But the vise of cybercrime does not stop tightening there. Malicious actors no longer just encrypt data and prevent it from being restored. They also exfiltrate it, threatening to sell it on the dark web or even the internet. It is a prospect that would give any organization a cold sweat, especially since it risks exposing your suppliers, partners, and customers.
How to prevent data exfiltration?
No matter how advanced your security measures are, it can be difficult to isolate illegitimate communications on a network that has no detection of anomalies or suspicious behavior. Cybercriminals know that massive data exfiltration attempts are easier to detect (and also require more specialized and rare technical skills). Therefore, they try more discreet approaches, sometimes targeting very precise data, of such a small volume (a few GB of data) that it generally goes unnoticed.
For years, large companies have approached cybersecurity in a single way: one threat, one solution. When security officials argued that managing disparate tools had become a nightmare, vendors responded by offering management and administration tools layered on top of the separate security technologies. This solution was far from ideal, but it was sufficient to counter threats on an ad hoc basis. Unfortunately, ad hoc or DIY solutions are neither sustainable nor effective against large-scale cyberattacks. They only create blind spots in the security measures.
Question of confidence
The shock wave from a cyber attack goes far beyond the challenge of restoring your data and systems. It also reaches out to customers, suppliers, and partners. And rebuilding trust with all these stakeholders can be an even more daunting challenge.
Therefore, Zero Trust approaches have gradually taken hold among security solution providers as a way to stop ransomware more quickly. Launched more than 10 years ago by Forrester analysts, this defense model assumes that all network traffic should be considered untrusted. It is a kind of modern alternative to perimeter security, based on the principle of “never trust, always verify”.
Today, Zero Trust is no longer enough. It has become urgent to thoroughly review how data is managed, combining governance and security. This approach brings many benefits, such as automating data classification according to regulations like GDPR to meet compliance needs, or hardening environments before attacks occur. Artificial intelligence technologies make it possible to identify access to sensitive data in production and backup data, or to detect behavioral anomalies in near real time, for example when a user suddenly accesses large volumes of data, a signal that could be a precursor of data exfiltration.
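As an added illustration (not part of the original article and not any vendor's code), the sketch below shows why a read of "a few GB" slips under a fixed volume threshold yet stands out against the user's own baseline. It uses a plain median/MAD statistic rather than AI; the user names, thresholds and access records are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

MB, GB = 1024 ** 2, 1024 ** 3
GLOBAL_THRESHOLD = 50 * GB  # assumed fixed per-day alert level
MIN_HISTORY = 5             # assumed: days of history needed before scoring
K = 6.0                     # assumed sensitivity (spreads above the median)

def build_sample():
    """Constructed records: (user, day, bytes read that day). Not real data."""
    rows = []
    for day in range(1, 8):
        # Hypothetical backup service account: heavy but steady reads.
        rows.append(("backup-svc", day, 40 * GB + day * GB // 10))
        # Hypothetical employee: roughly 155-185 MB per day.
        rows.append(("alice", day, 150 * MB + day * 5 * MB))
    rows.append(("backup-svc", 8, 41 * GB))
    rows.append(("alice", 8, 3 * GB))  # small globally, huge for this user
    return rows

def global_alerts(rows):
    """One fixed threshold for everyone: misses low-volume exfiltration."""
    return [(user, day) for user, day, nbytes in rows if nbytes > GLOBAL_THRESHOLD]

def baseline_alerts(rows):
    """Compare each day with the same user's own history (median + K * spread)."""
    history = defaultdict(list)
    alerts = []
    for user, day, nbytes in sorted(rows, key=lambda r: r[1]):
        past = history[user]
        if len(past) >= MIN_HISTORY:
            med = median(past)
            mad = median(abs(x - med) for x in past)
            # Floor the spread so a very regular user does not alert on noise.
            spread = max(mad, 0.1 * med, 1)
            if nbytes > med + K * spread:
                alerts.append((user, day))
        past.append(nbytes)  # score first, then add the day to the baseline
    return alerts

if __name__ == "__main__":
    sample = build_sample()
    print("fixed threshold:  ", global_alerts(sample))
    print("per-user baseline:", baseline_alerts(sample))
```

The service account reading 41 GB raises nothing under either method because that volume is normal for it, while the 3 GB read is flagged only by the per-user comparison.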
Reduce the reach of ransomware
As data exfiltration becomes more and more common, no organization can afford to be ignorant of where its data is, how it is classified, and who uses it. This is the only way to define precisely what counts as deviant behavior.
Therefore, we must put an end to data fragmentation, which hinders the effectiveness of security measures. Cybercriminals shouldn’t be the only ones relying on automation and artificial intelligence to map an environment and determine where the most important data resides.
The problem is that people don’t really think about the data or where to put it. They download files from the corporate network and copy them onto their computer, then leave them there. With the governance required to go beyond Zero Trust, this cannot happen, because once the data is identified as being in the wrong place, a decision can be made to either block access or move the data to where it belongs.
The relentless evolution of the cyber threat landscape requires a fundamental change in organizational strategy. Governance and security must now become one to effectively protect data and the entire ecosystem around it.
By Tony Fanni, Systems Engineer, Cohesity