TRENDING application . On multiple occasions in the past year , attackers exploited an application vulnerability to gain control of the application infrastructure and eventually target the most valuable data to encrypt .
Since the wider adoption of cryptocurrency , Barracuda has also seen a correlation of increased ransomware attacks and higher ransom amounts . With increased crackdown on bitcoin and successful tracing of transactions , criminals are starting to provide alternative payments methods , such as the REvil ransomware gang asking for Monero instead of bitcoin .
However , Barracuda also saw multiple instances of victims reducing ransom payments by deploying negotiation tactics . JBS negotiated a US $ 22.5 million ransom payment down to US $ 11 million and Brenntag , a chemical distributor in Germany , negotiated a US $ 7.5 million ransom demand down to US $ 4.4 million . The initial ransom ask may not be the final ask , so if they ’ re planning to pay , it is important for ransomware victims to exercise negotiation options . The outcome can be savings in the millions . wallets of DarkSide and were able to recover some of the ransom payments and authorities have disrupted payments to the affiliates of the ransomware group .
These are encouraging signs in the fight against these cyberattacks .
The first step in taking on ransomware is assuming that you will be victimized – it ’ s just a matter of when .
The next thing you need to do is to set a goal of not paying the ransom . With the goal set , you then need to implement at least the following three procedures to achieve that goal .
1 . Do everything you can to prevent credential loss
• Implement anti-phishing capabilities in email and other collaboration tools , and consistently train your users for email security awareness .
2 . Secure your applications and access
Barracuda is also seeing more organizations refusing to pay the ransom and that is likely driving up the initial ransom ask . This trend is also followed by more collaboration with the authorities and ransom negotiators . The FBI have recently uncovered the bitcoin
The first step in taking on ransomware is assuming that you will be victimized – it ’ s just a matter of when .
• Besides using MFA , you should also implement web application security for all your SaaS applications and infrastructure access points .
• Application vulnerabilities are often hidden in the application code or underlying application infrastructure . Therefore , you must protect your applications from the OWASP Top 10 threats .
• If you have API interactions in your application , you should also make sure you are covered for OWASP API Security Top 10 . Along with application protection , try to reduce the amount of access you provide to your users wherever you can . If you can , narrow down to the least amount of access your users need to be productive . It ’ s best to implement Zero Trust Access based on endpoint security postures .
3 . Back up your data
• Stay current with a secure data protection solution that can identify your critical data assets and implement disaster and recovery capabilities . That way you can be confident about saying no to ransomware criminals .
As cybercriminals are working towards bigger paydays in the future , the security industry needs to continue to create solutions that are easily consumable for companies of all sizes .
Attackers often start with small organizations that are connected to the larger targets and then work their way up . p
26 INTELLIGENTCIO LATAM www . intelligentcio . com