In response to reports that a new study produced by Cybereason found that organizations are significantly more vulnerable to ransomware attacks during weekends and holidays, Information Security Expert offers the following comment.
<p>Ransomware and other cyber attacks over the holidays are a major concern for many organisations, but as criminals apparently evolve and update their tactics on a frequent basis, it can become overwhelming as to how organisations can or should protect themselves.</p>
<p>Organisations should review external sources of threat intelligence as well as internal incident logs to determine accurately what tactics criminals use and where they have gaps in their posture. In many cases, criminals are successful in attacking organisations either through social engineering attacks, by exploiting weak credentials, or unpatched vulnerable systems. </p>
<p>Focussing on these key areas, particularly raising security awareness among staff, partners, and customers, can help reduce the risk greatly and help organisations take time off during the holidays and sleep better at night.</p>
<p>Ransomware gangs often time the “impossible not to notice” final part of their extortion campaigns for holidays and weekends to minimize the possibility of detection. Cybercriminals understand that most organizations operate with skeleton crews of mostly junior staff, or even purely on call, during these periods, which can give them several hours to inflict maximal damage even if detected by an antivirus or monitoring system. The crucial thing to realize is that no one tool is a silver bullet for preventing or responding to a cyberattack. Rather, it requires a cultural approach to security for an organization to defend against modern threat actors. It requires a holistic approach including skills and awareness training, a review of all areas of the organization that could lead to security vulnerability, and layered defenses that assume one or more primary security controls have failed or been bypassed by the attacker in forming a protective strategy.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides experts' comments, analysis and opinion on the latest Information Security news and topics.