CSO Says “New LokiLocker Ransomware Is An Identity Problem”

Ransomware isn’t solely a malware problem, bad actors want access to your data, so it really is a data security and access problem. However, many organizations are missing the point. For instance, as phishing is a common vector, many companies invest in email security and anti-virus to stop the malware. While this is a good best practice that will thwart many attacks; ransomware still makes its way in. This is like chasing shadows. What happens when there are new malware variants that leverage different vulnerabilities and penetration techniques? Can your anti-virus keep up? Time and again these advanced ransomware attacks aim to render traditional defenses useless.

When we look at what ransomware does, it leverages a users’ access within an organization to encrypt sensitive files (and often also steal). The authentication given to a user defines the level of damage the hacker will do. Therefore, a zero-trust, identity-first approach is critical. To prevent ransomware, you can’t just lock down data, you need a clear method of verifying all identities within an organization, whether human or machine.

This is where the combination of identity-first approaches combined with PKI certificates enable immutable proof that ‘this person (or entity) is who they say they are.’ When combining identity-first principles with least privilege data access security, ransomware attacks can be stopped in their tracks, and in some cases prevented entirely. Ultimately, ransomware attacks are mitigated, or even cut off at the source, and organizations aren’t left endlessly chasing shadows or putting out fires.