Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
Cyber Talk: Insight in an Advanced Ransomware Attack
1 February 2021 – Cyber Security Coalition
Don’t be hostage to ransomware!
No other form of malware attack is more on the rise but ransomware. It’s even more to be feared because of data sprawling to less defended edges of corporate systems, due to more home working. And it’s not only denial of access to data that’s at stake, but also data deletion, data stealing, possibly followed by data leaking, as well as device locking, preventing recovery.
In his Cyber Talk presentation, Edwin Weijdema, Global strategist product strategy at Veeam, offered an in depth insight into today’s ‘advanced ransomware attacks’. Including some why’s to pay attention: there’s an attack somewhere worldwide every 11 seconds; average payment is 180.000 USD (mainly in bitcoins) and company downtime is on average 16 days!
A ransomware attack runs through six stages. First is observation: gather information about a possible point of entry, from all possible sources (including social media and e.g. LinkedIn). Next is ‘sneaking in’, usually through phishing mails (including spear phishing and whale phishing: going for the top profiles). Once in, ‘setting up’ prepares the information environment for continued attack, followed by ‘elevate access’ to increase the number of accessible systems. One stage also involves the attackers ‘crippling the recoverability’ (e.g. thwarting BU and recovery procedures). And finally, ‘ransom declaration’: you get the ominous message on your screens. As an example, Edwin Weijdema describes an attack from Oct 15th till Dec 23rd 2020, on which date 267 servers were encrypted in 25 minutes time. Interesting advice: don’t contact the attackers immediately after the appearance of the message, buying yourself some additional response/recovery time.
Ultimately, it also depends on your measure of preparedness, particularly regarding recovery. Be prepared to restore 100% of a valid ‘100% BU’, in a tested business continuity and recovery process!
Other blog posts
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.
This webinar presents the building blocks of an effective organization-wide risk management and explains the requirements for IT risk management certification.
In this first webinar of the GRC: Be Connected! series, some very basic aspects of cyber security are treated: how to manage necessary skills, what about frameworks, where to find knowledge.
In the Lustrum Cyber Talk with our Chairman Jan De Blauwe, Marc Goodman looked back on the past five years' technology evolution through a unique wide-angle lens of cybercrime.