Proactive Measures to Stop Ransomware Before It Starts
Amid a years-long runup, ransomware attacks continue to plague organizations worldwide, leading to data breaches, financial losses and reputational damage.
Even though the concept emerged decades ago, it really took off about five years ago with the emergence of WannaCry, which led to more widespread and sophisticated attacks, leading to today’s world of targeted “big game hunting” attacks, Ransomware-as-a-Service (RaaS), double extortion, big cryptocurrency payoffs and so on.
Because it’s such a widespread and impactful problem, the industry has responded with all kinds of solutions, techniques, advice and other kinds of help.
For example, just a small sample of the most commonly cited ransomware protection techniques include:
- Keep software up to date
- Enable Multi-Factor or Two-Factor Authentication
- Backup data regularly
- Use antivirus/anti-malware software
- Use strong passwords and do not reuse them across different websites and applications
- Implement access controls
- Educate employees on ransomware tactics
- Segment networks and use firewalls
And the list goes on. Such advice and much more detailed guidance has been spread far and wide for years, yet the ransomware threat shows no signs of abating.
“Despite the awareness and increase in preparedness, ransomware is winning,” said backup/disaster recovery specialist Veeam said about its 2023 Data Protection Report. “Cyberattacks caused the most impactful outages for organizations in 2020, 2021 and 2022, according to the report. 85 percent of organizations were attacked at least once in the past 12 months; up from 76 percent in last year’s report. Specifically, recovery is a main concern as organizations reported that only 55 percent of their encrypted/destroyed data was recoverable from attacks.”
Perhaps the problem is that the advice and guidance is usually delivered from afar, without the opportunity for questions or interaction. For some direct, human-to-human expertise affording just such Q&A opportunities and interactivity, one place to go might be Orlando where Sami Laiho will present a session titled “Stop Ransomware Before It Starts: Proactive Measures to Outsmart Cybercriminals” at the big Live! 360 conference in November.
Laiho, chief research officer at Adminize, will share his expert knowledge about the latest trends in ransomware attacks, common entry points exploited by cybercriminals and effective strategies for prevention and mitigation.
He will cover key topics including employee awareness and training, vulnerability management and implementing robust security control to ensure that attendees will have the knowledge and tools to boost their organization’s ransomware resilience by the end of the 75-minute, Nov. 16 intermediate-level session. Specifically, attendees are promised to learn:
- The current landscape of ransomware attacks and the tactics employed by cybercriminals
- How to educate and raise awareness among employees to prevent social engineering attacks and phishing attempts
- Insights into vulnerability management practices and implementing effective security controls to mitigate ransomware risks
We recently caught up with Laiho to learn more about his session in a short Q&A.
VirtualizationCloudReview: What’s a common misconception that employees often have about ransomware?
Laiho: I think most people think that Ransomware incident costs because it is hard to get rid of it or understand how it got to the network.
“Most of the costs usually go to the rebuilding of the environment.”
Sami Laiho, Chief Research Officer, Adminize
Most of the costs usually go to the rebuilding of the environment.
In your opinion, what is the most alarming trend when it comes to enterprise ransomware attacks?
I believe that people don’t have an up to date inventory of their environment. So they really don’t have a clear picture of what to protect. Supply Chain attacks are now a rising trend.
What’s one proactive measure that enterprises of all sizes can immediately implement to mitigate their risk?
Do not allow Domain Admins to logon to standard endpoints. Don’t mix high privileged with surfing the Internet.
Can you briefly explain why a multi-layered security approach is essential in today’s landscape?
Nowadays your job is not to stop the enemy, but to slow it down as much as possible. Everyone gets ransomware, it’s just the question of whether it spreads wider or not.
Can you share what you believe will be the most impactful takeaway for attendees of your session?
I teach simple concepts that don’t require that many investments. Concepts are way more important than product choices.
Note: Those wishing to attend the conference can save hundreds of dollars by registering early, according to the event’s pricing page. “Save up to $400 if you register by September 22!” said the organizer of the event, which is presented by the parent company of Virtualization & Cloud Review.