Following the news that cyber criminals have stolen sensitive data from and encrypted the devices of a company which supports the US Minuteman III nuclear deterrent, cybersecurity experts provide an insight below.
Following the news that cyber criminals have stolen sensitive data from and encrypted the devices of a company which supports the US Minuteman III nuclear deterrent, cybersecurity experts provide an insight below.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
This is yet another high-profile example of a contractor being inadvertently used by threat actors to carry out a ransomware attack. Ransomware attacks are particularly prevalent at this time because threat actors know organisations may have left themselves vulnerable in the rush to avoid business disruption during the pandemic.
To deal effectively with ransomware organisations need to move from reactive, incident response to an anticipatory, threat preparedness mindset. Practical measures include ensuring all data is backed up with copies kept offline. Other steps include maintaining a secure infrastructure in line with NIST, ISO, or NCSC standards. Additionally, put in place a mechanism to cover lateral movement and ransomware detection and mitigation. Create, exercise, and update your incident response place at least yearly. Keep your systems are updated and have the latest patches.
Cybercrime has matured. Executives and boards must understand that cybercrime is no longer relegated to the realm of amateurs hoping to strike it rich with an untargeted ransomware attack.
Organized cybercriminals are big-game hunting, and they are gunning for companies to take down. Companies are reaching a turning point where they understand that it’s inevitable they will succumb to a cyberattack. It’s one reason why the principle of zero trust is gaining ground: You can’t trust users because any user could be compromised at any time.
Sure, it’s important to train users about phishing, perform backups and patch systems. But what’s really scary is the idea that criminal groups will steal important data before they encrypt it and hold it for ransom. Talk about adding insult to injury: a company could pay the ransom, only to have their files leaked.