How Application Allowlisting Combats Ransomware Attacks


Ransomware attacks are on the rise in both volume and sophistication. Triple extortion (a ransomware attack on one business leading to extortion threats on its business partners) is raising the cost of attacks. Ransomware-as-a-Service puts the means to attack in the hands of smaller criminal entities, making the tactic a commodity and not just the tool of masterminds. It’s no surprise that ransomware attacks are now substantially more expensive to recover from than other types of data breaches.


Keeping attackers out of your systems altogether is ideal, but cyber criminals are persistent and inventive. So what can you do to stop ransomware attacks from succeeding?


Encrypting data at every level is a powerful measure and critical to implement thoroughly, but it should be only one part of a larger whole. Consider augmenting encryption with additional controls that identify attackers at the application and process levels. This technique is known as application (or process) allowlisting.


Let’s discuss why it’s necessary, how it works and how to use it.


Common Malware and Ransomware Tactics in a Nutshell


A common cyberattack involves installing dummy applications on endpoints that look like common utilities — Word, Adobe Photoshop or Slack, for example — but which secretly encrypt and/or exfiltrate data. Phishing tactics are the most common way for these applications and trojan horses to find their way onto a system. Without realizing it, an employee may click a seemingly harmless link that installs malware on their device. When one of these malware applications shows up on a desktop or in a directory, ..
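
As an added illustration (not part of the original article), the sketch below shows one way an allowlist can tell a lookalike from the real utility. It assumes the allowlist identifies applications by the SHA-256 hash of the file rather than by name; the file names, file contents and the `decide` function are constructed for the example.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash file contents in chunks so large binaries are not loaded whole."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def decide(path: Path, allowlist: dict[str, str]) -> tuple[str, str]:
    """Return (verdict, reason). Default deny: only known hashes may run."""
    try:
        file_hash = sha256_of(path)
    except OSError as exc:
        return "deny", f"unreadable: {exc.__class__.__name__}"
    approved_name = allowlist.get(file_hash)
    if approved_name is None:
        return "deny", "hash not on allowlist"
    if approved_name != path.name.lower():
        # Approved bytes under an unexpected name: allow, but flag for review.
        return "allow", f"approved as {approved_name}, running as {path.name}"
    return "allow", "hash and name match"


def demo() -> dict[str, tuple[str, str]]:
    """Create constructed sample files and evaluate each against the allowlist."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        files = {"approved/editor.exe": b"constructed approved build",
                 "downloads/editor.exe": b"constructed unknown build",
                 "downloads/notes.exe": b"constructed approved build"}
        for rel, content in files.items():
            (root / rel).parent.mkdir(exist_ok=True)
            (root / rel).write_bytes(content)
        allowlist = {sha256_of(root / "approved/editor.exe"): "editor.exe"}
        return {rel: decide(root / rel, allowlist)
                for rel in [*files, "downloads/gone.exe"]}


if __name__ == "__main__":
    for rel, (verdict, reason) in demo().items():
        print(f"{rel:22s} {verdict:5s} {reason}")
```

The file in `downloads` that carries the familiar name is denied because its contents do not hash to an approved value, while the approved bytes are recognised even under a different name.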
