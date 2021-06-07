Expert Comments

Wave Of Ransomware Draws Government Attention, Expert Weighs In

The US government’s response to the ever growing threat of ransomware is long overdue, but is it too late? With more priority set to be placed on ransomware attacks and the consequential investigations, we’re in a prime position to make strides in preventing these attacks. 

Charles Everette
June 07, 2021
Director of Cybersecurity Advocacy
Deep Instinct

The primary thinking around leveraging automation was “ease of use” and lowering of operating costs.

Major flaws in vital US infrastructure have been well documented by the government itself and 3rd party investigations, and these reports have all identified key vulnerabilities in vital infrastructure that malicious actors have and will continue to exploit. These attacks have taken advantage of common security gaps that were created when companies started leveraging automation for data analytics, operations and management. The primary thinking around leveraging automation was “ease of use” and lowering of operating costs. Unfortunately security was not a consideration in these strategies, nor did it appear on the long-range radar of companies. Now, years later and after several attacks on US infrastructure, we’re paying the price of these vulnerabilities and security gaps are being investigated in earnest.

 

Prosecution after the fact is not solving the issue. Companies need to stop being reactive and move to being proactive and should be looking for solutions to prevent these attacks, not reacting after the fact. 

 

Predictive deep learning has proven to prevent these types of ransomware and next-gen zero days threats – months to even years before the threats were even conceptualized, much less leveraged in attacks. In practical testing just this week, we saw success in preventing new variants such as those used in the attack against JBS (REvil), Washington D.C. Police (Babuk), and last month at CNS Financial (Phoenix Locker/Hades). These attacks, and the other highly publicized attacks in recent months, all would have been stopped before they made it into a customers’ network. In the era of Snake, Maze, DoopelPaymer, Hades, ReEvil, DarkSide, and others, this means companies would not be impacted by these growing and sophisticated threats.

