How Ransomware Defense is Evolving With Ransomware Attacks

How Ransomware Defense is Evolving With Ransomware Attacks
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice.

Ransomware became deadly in 2020.


Healthcare facilities were attacked at an alarming rate, including one incident in Germany that lead to a patient death when an attack locked critical systems and a woman needing critical care was turned away. She died after she had to be taken to another city for treatment. 


Ransomware is now one of the fastest-growing threats in cybersecurity, with damages predicted to cost $20 billion globally by 2021, up from $354 million in 2015.


But if you work in infosec, you probably knew that. We're not here to tell you ransomware is a problem. But we are here to examine what security teams are doing to defend against it, and what techniques are emerging as best bets to mitigate ransomware.




(image by local_doctor, via Adobe Stock)



Frankly, the current landscape isn't great, according to Azeem Aleem of technology services firm NTT Ltd. Ransomware attacks are more aggressive and diversified than ever before - and they use multiple attack vectors. There is an entire industry now dedicated to selling ransomware on the black market (ransomware as a service), which lowers the barrier for criminals to enter, and means more attackers are getting into this very profitable business.


"Defense is struggling," says Aleem. "Some ransomware groups are teaming up with other threat actors, where the initial compromise is performed by commodity malware and then they provide access to a secondary threat actor operating ransomware as ..