2021 Trends Show Increased Globalized Threat Of Ransomware – Expert Commentaries

The cyber security experts from the UK, US, and Australia have issued a joint alert about the “growing wave of increasingly sophisticated ransomware attacks” which could have “devastating consequences”.

Experts Comments

February 14, 2022
Steve Bradford
Senior Vice President
SailPoint

The wave of ransomware across critical sectors including health, education, financial services and energy makes clear that cyber criminals have upped the ante—and attacks have gone into stealth mode. The nature of ransomware has become so destructive that it has now prompted Britain, the United States and Australia to release a rare joint alert.

“Ransomware has become so effective that many organisations have simply paid ransom, sometimes to the tune of thousands of dollars. To reduce the

.....Read More

The wave of ransomware across critical sectors including health, education, financial services and energy makes clear that cyber criminals have upped the ante—and attacks have gone into stealth mode. The nature of ransomware has become so destructive that it has now prompted Britain, the United States and Australia to release a rare joint alert.

“Ransomware has become so effective that many organisations have simply paid ransom, sometimes to the tune of thousands of dollars. To reduce the risk of ransomware, organisations across all sectors must implement multiple security controls. This should be a standard best practice for cyber security and will also reduce the risk of other malicious malware threats.

  Read Less
February 11, 2022
Neil Stobart
VP of Global System Engineering
Cloudian

Security experts will continue to miss the mark with ransomware protection. Security experts continue to tout increased perimeter defense as the catch all for ransomware protection.

However, businesses that experienced an attack had perimeter defenses in place and ransomware still managed to get in and organizations that were penetrated through phishing emails had conducted anti-phishing training for employees. The threat of ransomware will only continue to rise and this alert only confirms

.....Read More

Security experts will continue to miss the mark with ransomware protection. Security experts continue to tout increased perimeter defense as the catch all for ransomware protection.

However, businesses that experienced an attack had perimeter defenses in place and ransomware still managed to get in and organizations that were penetrated through phishing emails had conducted anti-phishing training for employees. The threat of ransomware will only continue to rise and this alert only confirms that. It is now a matter of “if,” not “when,” an attack will occur. Given these realities, more organizations will recognize the need to protect data at the storage layer with an immutable backup copy, ultimately ensuring they can recover quickly from an attack without having to pay ransom.  

  Read Less
February 10, 2022
Dan DeMichele
VP, Product Management for LastPass
LastPass

The latest wave of cyberattacks is a powerful reminder of their increasing sophistication. Driven by the pandemic and unprecedented digital transformation, in our heightened cyber threat landscape there has been a significant target shift. Cybercriminals aren’t just coming for governments, large scale enterprises and critical infrastructure, individuals and SMBs are on their radar too. The message is clear – everyone at every level needs to be prepared.  

The good news is that when it comes to

.....Read More

The latest wave of cyberattacks is a powerful reminder of their increasing sophistication. Driven by the pandemic and unprecedented digital transformation, in our heightened cyber threat landscape there has been a significant target shift. Cybercriminals aren’t just coming for governments, large scale enterprises and critical infrastructure, individuals and SMBs are on their radar too. The message is clear – everyone at every level needs to be prepared.  

The good news is that when it comes to cybersecurity, there are proactive things you can do to protect yourself.  

 When you receive an alert that there may have been a breach, there are three steps to take. Firstly, you should always change your account password. Leaked passwords are usually sold on the dark web or added to databases that hackers use to crack passwords. Changing a breached password ensures hackers can't log in to your account. If you were using the same password for other web accounts, those need to be changed immediately too. 

 Secondly, consider using a password manager which can help create and store strong passwords, then enter your credentials when you return to a website to log in. Some can also help you keep an eye out for suspicious activity involving your personal information on the Dark Web so you can take action accordingly. 

 Thirdly, use two-factor authentication to make your accounts more secure. This is when you use an app to generate a code or get a notification on your device and helps to prove the person logging into the account is who they say they are. Any unauthorised access therefore gets shut down in real-time.

  Read Less
February 10, 2022
Steve Cottrell
EMEA CTO
Vectra AI

The Joint Cyber Security Advisory confirms that we are now all facing an increased level of risk associated with the threats presented by ransomware. It stands to reason that so long as ransom payments are being made, we can expect this now highly sophisticated industry to continue to grow. With the emergence of highly professional Ransomware as a Service (RaaS) operators, the barrier to entry for criminals has never been lower. Notably, the advisory highlights the importance of AI enabled

.....Read More

The Joint Cyber Security Advisory confirms that we are now all facing an increased level of risk associated with the threats presented by ransomware. It stands to reason that so long as ransom payments are being made, we can expect this now highly sophisticated industry to continue to grow. With the emergence of highly professional Ransomware as a Service (RaaS) operators, the barrier to entry for criminals has never been lower. Notably, the advisory highlights the importance of AI enabled network detection capabilities and their ability to detect and mitigate ransomware attacks early in the attack phase before encryption occurs.

  Read Less
February 10, 2022
Chris Boyd
Lead Malware Intelligence Analyst
Malwarebytes

Much of what's in the CISA’s report reads as a continuation of attacks from recent years, with a focus on stolen RDP credentials and phishing to gain a foothold in the network as well as targeting MSPs to potentially compromise several targets at once. The shift away from so-called "big-game" targets to smaller entities because of generating too much heat from major ransomware outbreaks could spell trouble for SMEs, as ransomware groups redouble their efforts on organisations which may not

.....Read More

Much of what's in the CISA’s report reads as a continuation of attacks from recent years, with a focus on stolen RDP credentials and phishing to gain a foothold in the network as well as targeting MSPs to potentially compromise several targets at once. The shift away from so-called "big-game" targets to smaller entities because of generating too much heat from major ransomware outbreaks could spell trouble for SMEs, as ransomware groups redouble their efforts on organisations which may not have the security budget to withstand sustained, aggressive attacks.

  Read Less
February 10, 2022
Jim Hietala
Vice President - Business Development & Security
The Open Group

In the Digital Age, it’s necessary for organizations to ensure a seamless flow of data across a plethora of networks, applications and storages. However, the dilemma is that it is no longer feasible, or even possible, to consider all elements of the service topology as “trusted”. Zero Trust is a critical concept because it brings security to the users, data/information, applications, APIs, devices, networks, cloud, etc. wherever they are – instead of forcing them onto a “secure” network.  

The

.....Read More

In the Digital Age, it’s necessary for organizations to ensure a seamless flow of data across a plethora of networks, applications and storages. However, the dilemma is that it is no longer feasible, or even possible, to consider all elements of the service topology as “trusted”. Zero Trust is a critical concept because it brings security to the users, data/information, applications, APIs, devices, networks, cloud, etc. wherever they are – instead of forcing them onto a “secure” network.  

The cybersecurity industry is more difficult to navigate than ever before. Continuous data breaches and ransomware attacks which are impacting commercial entities and governmental agencies prove that network-centric approaches no longer work. The industry needs to establish standards and best practices for Zero Trust as the overarching information security approach for the Digital Age, and create models which are data- and asset-centric, as opposed to traditional network-centric approaches.

  Read Less
February 10, 2022
Joseph Carson
Chief Security Scientist & Advisory CISO
Thycotic

Cybercriminals are targeting organizations where it hurts most and that’s financially, which is why ransomware will continue to evolve and become the primary cyber risk.  The threat of not having access to your data or your sensitive data being spread around the internet can hurt companies financially or expose them to other legal battles such as foul play or regulatory fines.   

In the current world of remote working, ransomware continues to target employees remotely, and worse still, critical

.....Read More

Cybercriminals are targeting organizations where it hurts most and that’s financially, which is why ransomware will continue to evolve and become the primary cyber risk.  The threat of not having access to your data or your sensitive data being spread around the internet can hurt companies financially or expose them to other legal battles such as foul play or regulatory fines.   

In the current world of remote working, ransomware continues to target employees remotely, and worse still, critical supply chains as that will not only affect one single company but all companies using that service.

  Read Less
February 10, 2022
Jake Moore
Cybersecurity Specialist
ESET

In the constant game of cat and mouse, malicious actors constantly review, adapt and evolve in ways to mitigate detection, and as predicted, this year is heating up once more. The growth in underground marketplaces sharing and selling company secrets is now booming and with disastrous results making things even more challenging. Mitigation techniques are increasingly more difficult to follow with so many parts to the supply chain and an explosion in home working all amounting to a surge in

.....Read More

In the constant game of cat and mouse, malicious actors constantly review, adapt and evolve in ways to mitigate detection, and as predicted, this year is heating up once more. The growth in underground marketplaces sharing and selling company secrets is now booming and with disastrous results making things even more challenging. Mitigation techniques are increasingly more difficult to follow with so many parts to the supply chain and an explosion in home working all amounting to a surge in attack vectors. The past two years have painted a target on the back of businesses of all sizes and no one should remain complacent. Ransomware is an ever evolving and increasing threat with staggering payouts making criminals come back for more. Robust antimalware and up to date protocols in the knowledge of what to do when, rather than if, ransomware strikes is more imperative than ever.

  Read Less
February 10, 2022
Paul Farrington
Chief Product Officer
Glasswall

As world-leading cyber powers, the UK, US and Australian governments have a critical role to play in the fight against global cybercrime. A strong alliance between countries provides a clear deterrent for cybercriminals - it strengthens defences against cyberattacks and provides a clear protocol for approaching global incidents.

It is vital that governments from leading nations form these partnerships and develop collaborative strategies to mitigate the increasingly complex threat of global

.....Read More

As world-leading cyber powers, the UK, US and Australian governments have a critical role to play in the fight against global cybercrime. A strong alliance between countries provides a clear deterrent for cybercriminals - it strengthens defences against cyberattacks and provides a clear protocol for approaching global incidents.

It is vital that governments from leading nations form these partnerships and develop collaborative strategies to mitigate the increasingly complex threat of global cybercrime. This now requires a global effort, particularly when it comes to helping countries with less developed cyber capabilities. Global collaboration ensures no single state can take advantage - a sentiment that has gained renewed importance as geopolitical tensions around Ukraine continue to ignite. Working together on joint strategies will produce benefits for all nations, not just those with the most power. 

With ransomware attacks more sophisticated than ever – and advancing by the day – unity across the world’s most powerful nations is crucial to prevent the recurrence of disastrous cyber attacks. Organisations across the globe should take note of all advice provided by the joint advisory to boost resilience against cybercriminals.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.