One main objective of the European Cyber Security Act is to inform business and consumers about the security of ICT products, processes and services, through certification schemes. This webinar provides solid information about the present status of the Act's implementation.
Cyber Talk: Insight in an Advanced Ransomware Attack
1 February 2021 – Cyber Security Coalition
Don’t be hostage to ransomware!
No other form of malware attack is more on the rise but ransomware. It’s even more to be feared because of data sprawling to less defended edges of corporate systems, due to more home working. And it’s not only denial of access to data that’s at stake, but also data deletion, data stealing, possibly followed by data leaking, as well as device locking, preventing recovery.
In his Cyber Talk presentation, Edwin Weijdema, Global strategist product strategy at Veeam, offered an in depth insight into today’s ‘advanced ransomware attacks’. Including some why’s to pay attention: there’s an attack somewhere worldwide every 11 seconds; average payment is 180.000 USD (mainly in bitcoins) and company downtime is on average 16 days!
A ransomware attack runs through six stages. First is observation: gather information about a possible point of entry, from all possible sources (including social media and e.g. LinkedIn). Next is ‘sneaking in’, usually through phishing mails (including spear phishing and whale phishing: going for the top profiles). Once in, ‘setting up’ prepares the information environment for continued attack, followed by ‘elevate access’ to increase the number of accessible systems. One stage also involves the attackers ‘crippling the recoverability’ (e.g. thwarting BU and recovery procedures). And finally, ‘ransom declaration’: you get the ominous message on your screens. As an example, Edwin Weijdema describes an attack from Oct 15th till Dec 23rd 2020, on which date 267 servers were encrypted in 25 minutes time. Interesting advice: don’t contact the attackers immediately after the appearance of the message, buying yourself some additional response/recovery time.
Ultimately, it also depends on your measure of preparedness, particularly regarding recovery. Be prepared to restore 100% of a valid ‘100% BU’, in a tested business continuity and recovery process!
Other blog posts
This session of the Privacy Focus Group provides a valuable and practical primer for acquiring more insight in the issue of international data transfers after Schrems II and Brexit.
The webinar teaches you that information security must be handled in a structured way. Three Coalition members explain how frameworks such as CISM, NIST and ISO 27001 certification can support you in your role as CISO.
Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.