Ransomware Actors Are On Full Attack Mode
If there was any doubt that ransomware actors are in full attack mode, here are just some of my top recent fire drills:
May as well disconnect from the internet on holidays as it seems that you’re likely to get pwned.
Emily Phelps, Director, Cyware offered up this comment:
“Cybercriminals are largely opportunistic, seeking the path of least resistance to execute an attack. They know that holidays can be a prime time to take advantage of potentially decreased defenses. Before the holidays, consider security awareness training and increase authentication and access controls. Patch and update systems and ensure incident response and recovery plans are current. Communicate with partners and vendors to ensure they are also maintaining strong security practices during the holiday season. Vigilance is critical year-round, and organizations must take additional steps before the holidays to safeguard against opportunistic threat actors.”
Stephen Gates, Principal Security SME, Horizon3.ai had this comment:
“In the context of recent headlines about massive data breaches, disruption of life-saving medical services, and successful ransomware attacks against government, healthcare, finance, education, and so on, it’s a clear indication that organizations of all sizes and across all industries are losing the battle against their adversaries. From a simple, high-level observation, never in history have so many organizations – and the public at large – been impacted by the current onslaught of recent criminal activity. At this point, most would agree that the layer upon layer of cyber defenses commonly deployed to protect everyone are simply not working.
“Almost all organizations today have no idea where their truly exploitable vulnerabilities exist, and due to this fact, it is supercharging attacker campaigns. If organizations cannot find that hidden chink in their armor, that crack in their layered walls of defense, that blind spot they didn’t even know existed, they will never be able to adequately defend themselves against a purposeful attacker with nothing but time on their side – and money on their mind. It’s time to go on the offensive and attack yourself with the same tactics, techniques, and procedures attackers use so you can see your networks through the eyes of an attacker – before they do.”
David Ratner, CEO, HYAS Infosec follows with this:
“Attacks on critical infrastructure don’t only cause reputational and financial damage but have the ability to impact human life as well. It’s vital that critical infrastructure providers everywhere follow the guidance of CISA and others and implement appropriate solutions for operational resiliency and business continuity — this is the only way they can ensure continual service, have the confidence to operate their businesses, and ultimately protect human lives.
“All too often bad actors leave themselves hidden backdoors to continue to exploit an organization even after restoration and cleanup. It’s why service-assurance and continual monitoring post cleanup is so important. The best way to accomplish this is with visibility into the various traffic streams coming out of the enterprise, to properly identify bad actors communicating with their malware via command-and-control and shut it down before damage ensues.”
The fact that there are this many ransomware events shows just how out of control ransomware actors are. Clearly something needs to be done or else there’s going to be no hope for any of us.
This entry was posted on November 28, 2023 at 4:00 pm and is filed under Commentary with tags Hacked.