Intelligent Tech Channels Issue 36 | Page 39

“ The new ransomware landscape is about a much more deliberate and strategic approach , where the threat actors are looking to ransom an entire company , their entire business operations and shut that whole organisation down at once in order to get a much larger ransom payment ,” said DeGrippo .
“ We used to see US $ 100 to US $ 800 for ransoms . Now we ’ re seeing ransoms in the millions , because what they ’ re able to ransom is no longer just files , but an entire company ’ s ability to operate .”
How successful threat actors are in obtaining these ransoms
“ Typically in my line of work we look to stop these things before they ever get to those end-users but , from what I have seen in the media , it does appear that a lot of the very
As we saw the situation develop over the past several months , beginning at the early part of 2020 , as things started to move west , we were definitely questioning how this current event would impact the threat landscape and we saw the first use of COVID-19 in social engineering attacks in late January . sophisticated ransomware actors are able to extract a decent amount of the ransoms that they deploy ,” said DeGrippo .
However , there is question around the culpability of an organisation that pays a ransom due to various international laws . Organisations need to ensure they have a plan for how they will deal with incidents and ransomware in a pandemic .
“ We don ’ t just want an incident response plan , we want an incident response plan for the usual things , plus ransomware , plus a pandemic . I don ’ t think a lot of organisations are prepared that way so they need to work on that today .”
Best practice advice for incident response
DeGrippo highlights that the best practice advice for incident response is for organisations to understand their people and their processes , because the threat actors will know them just as well as the business itself .
“ It ’ s important to deeply understand those . In addition to that , what ’ s really important for organisations to think about is , ‘ hey , we ’ re not operating in our traditional world anymore . That IT helpdesk is not down on the third floor the way they used to be . Our users are
INTELLIGENT TECH CHANNELS
INTELLIGENT TECH CHANNELS Issue 36
39