Intelligent CIO North America Issue 15 - Page 26

TRENDING infrastructure is just as dangerous as a full-blown SaaS application . On multiple occasions in the past year , attackers exploited an application vulnerability to gain control of the application infrastructure and eventually target the most valuable data to encrypt .
Since the wider adoption of cryptocurrency , Barracuda has also seen a correlation of increased ransomware attacks and higher ransom amounts . With increased crackdown on bitcoin and successful tracing of transactions , criminals are starting to provide alternative payments methods , such as the REvil ransomware gang asking for Monero instead of bitcoin .
However , Barracuda also saw multiple instances of victims reducing ransom payments by deploying negotiation tactics . JBS negotiated a US $ 22.5 million ransom payment down to US $ 11 million and Brenntag , a chemical distributor in Germany , negotiated a US $ 7.5 million ransom demand down to US $ 4.4 million . The initial ransom ask may not be the final ask , so if they ’ re planning to pay , it is important for ransomware victims to exercise negotiation options . The outcome can be savings in the millions . and demanding tough actions against harbouring cybercriminals . Given the high-profile , high-impact nature of recent attacks , particularly attacks against critical infrastructure , the US government is no longer just sending warnings . It is ready to take serious actions even against nation states if there is clear evidence of accomplice or negligence in policing cybercriminals .
The first step in taking on ransomware is assuming that you will be victimized – it ’ s just a matter of when .
The next thing you need to do is to set a goal of not paying the ransom . With the goal set , you then need to implement at least the following three procedures to achieve that goal .
1 . Do everything you can to prevent credential loss
• Implement anti-phishing capabilities in email and other collaboration tools , and consistently train your users for email security awareness .
2 . Secure your applications and access
Barracuda is also seeing more organizations refusing to pay the ransom and that is likely driving up the initial ransom ask . This trend is also followed by more collaboration with the authorities and ransom negotiators . The FBI have recently uncovered the bitcoin wallets of DarkSide and were able to recover some of the ransom payments and authorities have disrupted payments to the affiliates of the ransomware group .
These are encouraging signs in the fight against these cyberattacks .
Beyond legal action , Barracuda has also seen the White House speaking directly to world leaders
• Besides using MFA , you should also implement web application security for all your SaaS applications and infrastructure access points .
• Application vulnerabilities are often hidden in the application code or underlying application infrastructure . Therefore , you must protect your applications from the OWASP Top 10 threats .
• If you have API interactions in your application , you should also make sure you are covered for OWASP API Security Top 10 . Along with application protection , try to reduce the amount of access you provide to your users wherever you can . If you can , narrow down to the least amount of access your users need to be productive . It ’ s best to implement Zero Trust Access based on endpoint security postures .
3 . Back up your data
• Stay current with a secure data protection solution that can identify your critical data assets and implement disaster and recovery capabilities . That way you can be confident about saying no to ransomware criminals .
As cybercriminals are working towards bigger paydays in the future , the security industry needs to continue to create solutions that are easily consumable for companies of all sizes .
Attackers often start with small organizations that are connected to the larger targets and then work their way up . p
26 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com