As Ransomware Costs Balloon, It’s The Last Call For Legacy Security
Ransomware attacks are getting more and more expensive. But amid the financial wreckage and reputation, there can be an unexpected silver lining. Perhaps the rising average bill finally provides vulnerable organizations with a compelling business case for upgrading outdated legacy defenses. Ransomware Costs Balloon
2021 sees a steady parade of new high-profile ransomware victims. Colonial Pipeline to JBS Meat Processor to Kia Motors America. This is good news, according to a recent report from Sophos and Microsoft. That the rate of attacks has been declining over the years.. But don’t take this to mean that the old defense systems suddenly mysteriously became more effective. Ransomware Costs Balloon And that certainly doesn’t mean ransomware is less trending now, and we might consider chilling out. Fewer attacks simply signal a more thoughtful and effective strategy on the part of the Black Hats: a sharper focus on more lucrative targets.
Remediation Costs Soar
The bad news is that between 2019 and 2020, the average cost to fix ransomware doubles. According to Sophos, 1.85 million. In the United States, it’s even more so. – $ 2.09 million – and in March 2021, CNA Financial paid its attackers 40 million. If this is correct, it would be the highest ransom payment known to date.
Like flat tires, migraines, and flight delays, ransomware attacks are an unpleasant and incurable reality for the foreseeable future. Today, no region, country, or industry is immune from such attacks or their costs. The White House is implementing counter-initiatives, including a multi-agency ransomware task force and Congress is proposing the “Ransom Disclosure Act,” but the wind will not be reversed by Washington alone. Ransomware attacks also cannot be reliably mitigated by training employees; employees often create entry points for attacks by falling for phishing links, but it is unrealistic to expect an error-free workplace.
It is not possible to meet the perimeter of the organization using existing security policies and tools. And it is neither possible nor feasible to achieve impeccable security. These solutions have proven ill-equipped to keep pace with modern technology stacks, new cloud environments, and the ever-changing threat landscape.
Top Option Must Be a Bold Strategy
The only option is the bold option. Organizations need to implement more robust security mechanisms. and as optimists, we can hope that the rising cost per incident of ransomware attacks, and their tendency to make headlines, laser erase the last traces of corporate complacency in the face of this crisis.
- Let’s take a moment to take a step back.
- Most ransomware attacks have four key phases:
- An attacker infiltrates one or more systems of the target organization.
- Often undetected, the attacker penetrates deep into the organization’s data systems.
- Hours, days, or weeks later, data exfiltration and encryption occur. causing the organization to lose control of its own critical information.
- With the target organization in damage control mode, a ransom demand is issu.
Faced with this established attack pattern
Faced with this established attack pattern, organizations must adapt and combine several different measures to address high-level security. It has all the known malware delivery infrastructure. And payloads, limitations of Internet-accessible services, and systems that block multi-factor authentication (MFA) requirements. Merge these strategic steps with a comprehensive search and response strategy that includes robust search capabilities (across endpoints, networks and the cloud) designed to detect ransomware attacks as quickly as possible and find fast response capabilities to stop attackers in their tracks.
This should be done to quickly and accurately identify unusual and suspicious activity in the network environment. so having the mechanism can reverse the above four-step script. and rapid, post-penetration detection can position an organization to stop an attack before it reaches the exfiltration and encryption stages.
The most recent ransomware attacks have target traditional on-premises networks, but this trend is not design to last. As cloud and SaaS applications become go-to business solutions and richer repositories for critical data. we will see more opportunistic cloud-centric ransomware inroads. This likely means attacks against public cloud assets and data stored in business-critical SaaS applications. Security solutions implemented by organizations today must anticipate and adapt to changing cloud environments.
Status Quo Has Got to Go
The most worrying motive in the age of ransomware isn’t the daring, success rate, or profit margins of attackers. It is the conviction constantly express, in the upper echelons of the company, that the current protections are sufficient. In the late 2010s, credible surveys revealed that fewer organizations viewed ransomware as a threat. and most senior executives felt their IT infrastructure was secure. This amid a ransomware rampage. My industry colleague Jay Chaudhry at Zscaler is absolutely correct in calling the creeping danger to organizations posed by “WADITWay disease,” as in We’ve Always Done It This Way.
Our secure digital future depends on the fulcrum to do something new. A strong security posture against ransomware can be achieved, but only when organizations recognize the need to proactively adapt and evolve their security strategies, and not simply respond to attacks with legacy solutions – once they are damage caused.