FEATURE
We should all remember that these groups are enterprises as well as criminal gangs .
Dealing with ransomware
Businesses should assume they will be hit by a ransomware attack at some point this year . This means it is critical to take all necessary precautions to try and prevent it from happening . Frequently , it comes down to getting the basics right . The NCSC ’ s ‘ 10 steps to Cyber Security ’ is a good place for any business to start . Through steps like enabling firewalls , patching software in a timely manner , good identity and password management and having resilient backups on hand , organisations can easily bolster their security posture . While backups won ’ t prevent ransomware , they will speed up recovery and reduce the need for the company to pay the ransom .
We should all remember that these groups are enterprises as well as criminal gangs . Much like businesses , they are trying to survive and make as much profit as possible – although clearly on the wrong side of the law . But like businesses , they are looking for the biggest return from the lowest risk . They also want to create for themselves a reputation for success by demonstrating they have the ability to take down large targets . These relatively simple motivations mean that ransomware activity will continue to grow this year and into the future .
High-profile incidents such as the Colonial Pipeline attack have created a public outcry and increased political pressure , according to the NCSC Annual Review . The result has been increased scrutiny for ransomware groups and other threat actors , forcing some to adapt and adjust their techniques to better avoid detection and defences .
That ever-evolving threat will continue to grow this year , creating further challenges for businesses as they strive to stay ahead of and prevent intrusions .
The ransomware trend in cyberspace
The destructive nature and financial viability of ransomware makes it an attractive tool for threat actors to utilise , who have an almost unlimited number of organisations to attack . One area of growing popularity among state actors is wiperware . The primary motivation for using wiperware is pure destruction and not financial gain . It erases data from systems completely and makes it difficult to recover those files – rather than offering victims the chance to decrypt them . This method allows threat actors and nation states to act decisively and destructively against their intended targets . With geopolitical tensions high , this signals genuine hostile intent as part of a wider political or military campaign .
Some wiperware activity seen at the beginning of the Ukraine conflict mirrored the NotPetya style attacks of the past . To date , much of the disruption has been enacted by DDoS attacks , which take networks offline via the use of botnets that have been built up over the last several years . These methods have been a much easier type of attack to carry out with fewer repercussions than targeted wiperware . And similar to NotPetya , while
38 www . intelligentciso . com