Guest Post: Biden Administration To Bring Together 30 Countries To Crack Down On Ransomware

Later this month, the Biden administration will bring together 30 countries to discuss and address the threat of ransomware attacks. According to a statement, the meeting will “accelerate our cooperation in combatting cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, and engaging on these issues diplomatically.”

Security experts at vulnerability management and threat assessment Digital Defense by HelpSystems say, “Ransomware is one of the most popular tools of both amateur and expert threat actors. Just about anyone can purchase a ransomware strain off the dark web or can have the work done for them with ransomware-as-a-service (RAAS). And with the advent of cryptocurrency like Bitcoin, attackers can be nearly impossible to trace.”

Aside from the recent series of ransomware attacks on several U.S. critical infrastructure companies, including the Colonial Pipeline, threat actors and cybercriminal organizations also demonstrated how quickly they can adapt during the Coronavirus pandemic. Taking advantage of the transition to remote work and general upheaval, ransomware attacks spiked in the first months. Phishing efforts increased dramatically, with Google reporting that they were blocking 18 million phishing emails a day that contained the keyword “COVID-19,” in addition to 240 million emails with the simplified term “COVID”.

But what can be done to reduce ransomware risk?

Digital Defense experts say, “While the outlook may seem bleak, there are plenty of options to help safeguard your organization. First, we must all have realistic expectations—ransomware breaches are no longer fully preventable.  Instead, the goal is to put as many barriers in place between an attacker and an organization’s critical, sensitive data.

  • Running vulnerability scans and regularly penetration testing your environment helps find new vectors before an attacker does, minimizing risk. These proactive measures uncover potential vulnerabilities that an attacker may use to move laterally within a breached system or escalate their privileges.
  • Social engineering pen testing can uncover who is susceptible to these attacks by launching phishing simulation campaigns. From there, additional training can be provided to teach your employees how to be more vigilant before clicking another suspicious email.
  • Finally, it is critical to be able to detect ransomware breaches as quickly as possible, to minimize damage or thwart attackers completely. Threat detection tools like network traffic analysis (NTA) work to monitor your network for malicious activity, alerting your security team the moment an active infection is uncovered.
  • You can also enhance your endpoint protection technologies with active threat scans. After a breach is caught, there’s no time to sigh with relief, as it’s important to investigate the cause and assess the state of the environment to ensure that there won’t be a repeat attack.

Ultimately, it’s tempting to want to throw up your hands as the ongoing threat of ransomware looms large, but constant vigilance is a long-term strategy to combat this ongoing problem.”

Leave a Reply

%d bloggers like this: