The past year has seen tons of exciting changes in the way we work, including the rapid adoption of hybrid work models and flexible technology designed to empower dispersed workers. But this evolution of the way we work has also led to the evolution of cybersecurity threats, particularly those targeting remote and hybrid workers. Ransomware attacks have become a serious risk for organizations of all sizes, with the average cost of a ransomware breach reaching $4.62 million.
Kurt Roemer, Citrix Chief Security Strategist, provides key insights into why ransomware is becoming a bigger threat, the new tactics malicious actors are using to target your scattered workforce, and how your organization can best protect sensitive data against sophisticated ransomware-as-a-service attacks. shared.
Now more personal and more targeted
According to Roemer, ransomware attacks are much worse than they have ever been. There are several reasons for this, but most importantly, ransomware attacks have become more personal and targeted. Today, malicious actors use social media and other publicly available information to target specific individuals with high levels of authority and access privileges. This is one of the reasons why we see so many ransomware attacks in international news headlines.
Malicious actors use these software and firmware vulnerabilities to identify ransomware targets. In the past, we need patches that were once a month for critical security updates, now as quickly as possible.
Here are the steps businesses should take
According to Roemer, businesses should definitely pay attention to:
- Awareness: The first step is definitely awareness. You need to keep track of what’s happening in security news and how ransomware is changing. Attacks now ranged from encrypting one’s local drive, encrypting networks and file shares, and even snooping and accessing cloud services.
- Plan: Ransomware has also evolved into racketeering methods in many instances where attackers scrutinize your data and see if there is anything sensitive or embarrassing that they might threaten to leak. Therefore, the next step should be to have a plan in place when targeted ransomware attacks occur, because mitigating these risks is not only technically important, but also socially and ethically important. Your public relations and communications team needs to ask: “If this happens, how will we manage the situation? How will we declare a state of emergency for this event? How will we prioritize it?”
- Employee Training: Educate your employees about ransomware, as stolen credentials were the most widely used attack vector over the past year.
- Zero Trust and SASE: You also need to adopt Zero-Trust, starting with your endpoints that most attackers use to log in. Make sure to apply patches to devices and applications regularly, and apply EDR and SASE solutions to protect access to your network and cyber resources. These tools allow you to automate security for the endpoints of your workforce.
- Simulators: There are also ransomware simulators available to test your resistance to attacks and rehearse your response in the event of a data breach. Above all, take ransomware seriously by having a tested plan for preventing and responding to ransomware attacks. Preparation allows you to act with determination, not panic or fear.
21296
