Maximizing Opportunities to Stop Ransomware Attacks | #malware | #ransomware | #cybersecurity | #infosecurity | #hacker

Business Continuity Management / Disaster Recovery
Cybercrime as-a-service

Chet Wisniewski of Sophos on Latest Research Findings

Chet Wisniewski, principal research scientist, Sophos

See Also: Fireside Chat | Zero Tolerance: Controlling The Landscape Where You’ll Meet Your Adversaries

The median dwell time that hackers are spending in victims’ networks – from the time a compromise, such as a phishing incident or a vulnerability exploit, begins to the time ransomware encryption is triggered – has grown from 11 to 15 days. That means organizations now have a little more precious time to stop an attack “before the worst happens,” says Chet Wisniewski, principal research scientist at Sophos.

“There are multiple opportunities along the time line where you’re going to notice different malicious activities,” he says, discussing key findings from recent Sophos research, including its new report, The Active Adversary Playbook 2022.

“You might notice 400 GBytes being uploaded … and say ‘whoa.’ And if you detected that, you have 72 hours before the attackers trigger the ransomware,” he says.

In a video interview with Information Security Media Group at RSA Conference 2022, Wisniewski also discusses:

  • The latest ransomware trends;
  • Critical steps in taking a layered security approach;
  • Other key findings from Sophos’ recent study.

Wisniewski, who has more than 20 years of professional experience, analyzes massive amounts of attack data gathered by SophosLabs to distill and share relevant information in an effort to improve the industry’s understanding of evolving threats, attacker behaviors and effective security defenses.

Original Source link

Leave a Reply

National Cyber Security Consulting App





National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.