Don’t be hostage to ransomware!

No other form of malware attack is more on the rise but ransomware. It’s even more to be feared because of data sprawling to less defended edges of corporate systems, due to more home working. And it’s not only denial of access to data that’s at stake, but also data deletion, data stealing, possibly followed by data leaking, as well as device locking, preventing recovery.

In his Cyber Talk presentation, Edwin Weijdema, Global strategist product strategy at Veeam, offered an in depth insight into today’s ‘advanced ransomware attacks’. Including some why’s to pay attention: there’s an attack somewhere worldwide every 11 seconds; average payment is 180.000 USD (mainly in bitcoins) and company downtime is on average 16 days!

A ransomware attack runs through six stages. First is observation: gather information about a possible point of entry, from all possible sources (including social media and e.g. LinkedIn). Next is ‘sneaking in’, usually through phishing mails (including spear phishing and whale phishing: going for the top profiles). Once in, ‘setting up’ prepares the information environment for continued attack, followed by ‘elevate access’ to increase the number of accessible systems. One stage also involves the attackers ‘crippling the recoverability’ (e.g. thwarting BU and recovery procedures). And finally, ‘ransom declaration’: you get the ominous message on your screens. As an example, Edwin Weijdema describes an attack from Oct 15th till Dec 23rd 2020, on which date 267 servers were encrypted in 25 minutes time. Interesting advice: don’t contact the attackers immediately after the appearance of the message, buying yourself some additional response/recovery time.

Ultimately, it also depends on your measure of preparedness, particularly regarding recovery. Be prepared to restore 100% of a valid ‘100% BU’, in a tested business continuity and recovery process!

Other blog posts

How do data protection rights fare in Corona times?

In this GDPR anniversary webinar, three privacy experts focus on the challenges they face when assessing and implementing government measures adopted in the fight against COVID19. The Corona pandemic has risen awareness of the importance of privacy, not only in our private life but also in the employer-employee relationship, and the need for a broader democratic testing of privacy threatening technologies.

EU Cybersecurity Act: moving forward

One main objective of the European Cyber Security Act is to inform business and consumers about the security of ICT products, processes and services, through certification schemes. This webinar provides solid information about the present status of the Act's implementation.

Share this useful content with friends: