Although the industry acknowledges a decline in the number of ransomware attacks in 2018, this news isn’t anything to get excited about. The trend has moved from targeting individuals via mass email campaigns to companies by way of manual attacks. Perhaps the reason for this is security awareness programs have been effective, and end users aren’t falling victim to ransomware delivered through email as often.
The problem is that bad actors are making headway with ransomware in more creative ways that have a bigger impact. The trend is for adversaries to establish persistence in their victim’s systems to enable a manual attack. They do reconnaissance, create a plan, and when the timing is right, they strike. This type of attack is devastating as the attackers usually disrupt or destroy the backups and target the most valuable data in an organization. They can coordinate the attack on hundreds of servers at the same time causing maximum disruption.
The scale and severity of these types of ransomware attacks are enabling these bad actors to demand much larger ransoms. When they can destroy backups, which have historically been a way to recover from a ransomware attack, victims often have little choice but to pay the ransom.
Many of the techniques being used in these manual attacks can be identified easily if monitoring systems are in place, but monitoring isn’t enough. Skilled resources must be ready and available to act. Would you be prepared if an attacker targeted your organization with a manual ransomware attack at midnight on a holiday weekend?
If you answered no, consider an MSSP offering. For example, as an MSSP ourselves, we can provide enhanced security threat protection that organizations without a dedicated 24×7 security team can’t do themselves. We have acquired a vast amount of knowledge and experience across a large customer base which can be leveraged by all our clients. If you answered yes, have you ever tested it? Have you done a tabletop exercise? We can help with that too. Only through regular testing will you truly know if your security program is keeping pace with the threat landscape.
Watch this brief presentation that demonstrates a vastly better way to solve these challenges.