Ransomware attacks are becoming more prevalent against companies of all industries. A large-scale survey shows that more than one-third of companies worldwide have been hit by one or more ransomware attacks or breaches in the past year. Companies know to protect themselves, but they continue to remain vulnerable to ransomware threats. Executives have serious questions about what to do, such as what are the root causes of the increase in ransomware attacks? Why are companies falling victim to these attacks? What should companies worried about ransomware do?
Max Henderson, Manager of Incident Response, provides answers to these questions and offers practical advice in the Security Ledger Podcast with host Paul Roberts. Max discusses relevant topics including:
- How ransomware attacks are evolving. Cybercriminals are changing the techniques they use to execute attacks. Initially, ransomware had a single function where the attacker would enter a network and encrypt the data. It then evolved to double extortion where the attacker would steal data and threaten to leak it and the attacker would encrypt the data and hold it for ransom. Max explains the new triple-extortion ransomware threat he’s seeing from cybercriminals.
- Why companies are victims. Companies continue to fall victim to ransomware attacks for many reasons. Max discusses why having the right products, the proper configurations and hardening in place for the environment and the cybersecurity talent needed to monitor 24/7 is critical when fighting against cybercriminal groups.
- What action to take (or not take) if a threat is detected. Companies need to make it difficult for cybercriminals to get into their networks, and when a cyber incident is detected, they must know how to properly respond.
“If you make the mistake of letting the threat actor know that you’re on to them, if you tip your hand that you’re responding to them, they’re going to start to have knee-jerk reactions, and they’re going to quickly escalate their attack,” says Max. He offers advice for how to respond to early signs of an emerging threat or an ongoing attack.
- When a company needs to hire outside help. With so many different threats on the cybersecurity landscape, a company must have confidence in its in-house ability to respond to an attack. To help increase confidence, the company should consult with an outside team for help, whether that means hiring an incident response team to keep on retain or securing a team that can parachute in during an emergency situation. Max discusses various scenarios when a company should strongly consider hiring outside help.
Cybercriminals are using ransomware to attack companies at an increasing pace. Learn what your company can do to protect itself against a ransomware attack in this podcast.