Cybersecurity and Business Continuity Monthly Open Call

August 2021 - Ransomware

Topics: Ransomware in 2021; Twitter Alerts; Ransomware Reality - 92% Don't Get Data Back; Ransomware Recovery and Responders; Sanctions Risks for Facilitating Ransomware Payments; Incident Response and Cyberattack Exercises; and Tips & Best Practices

  1. The State of Ransomware 2021

    Sophos’ annual ransomware survey delivers fresh new insights into the experiences of mid-sized organizations across the globe. It explores the prevalence of attacks, as well as the impact of those attacks on victims, including year-on-year trends. This year, for the first time, the survey also reveals the actual ransom payments made by victims, as well as the proportion of data victims were able to recover after they had paid.

    https://secure2.sophos.com/en-us/medialibrary/pdfs/whitepaper/sophos-state-of-ransomware-2021-wp.pdf

  2. Twitter recommendation: @ransomalert

  3. Ransomware Reality Shock: 92% Who Pay Don’t Get Their Data Back: https://www.forbes.com/sites/daveywinder/2021/05/02/ransomware-reality-shock-92-who-pay-dont-get-their-data-back/?sh=4750bd00e0c7

  4. Third Party Ransomware Recovery and Responders:
    1. https://www.flashpoint-intel.com/
    2. https://www.coveware.com/
    3. https://kivuconsulting.com/

  5. Read the Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, issued October 1, 2020 by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC).
  6. Incident response and cyberattack exercises

Tips and Best Practices from Shardul Amarchand Mangaldas & Company on protecting your firm from ransomware:

  1. Email security with sandboxing capabilities
  2. NextGen firewall with AMP
  3. Web-filter with sandboxing to deal with zero day threats and C&C over web traffic
  4. OEM-managed XDR solution for the complete datacenter (24/7 alert monitoring, correlation and prioritization, which helps to contain threats and automatically generates IoCs, indicators of compromise, to prevent future attacks)
  5. Custom on-premise sandboxing based on our infrastructure/applications
  6. Multifactor authentication – to deal with brute-force/password-guessing attacks
  7. Cyber security awareness training
  8. S/MIME digital signatures
  9. Continuous data backup and data recovery
  10. Patch management and VAPT (Vulnerability Assessment and Penetration Testing): patching is a critical component in defending against ransomware attacks, as cyber-criminals will often look for the latest uncovered exploits in the patches made available and then target systems that are not yet patched
  11. Endpoint protection
  12. Shared Desktop Virtualization
  13. Mobile container for corporate email and data access
  14. Restrict Permissions: least privileged policy
  15. 24x7 SOC
  16. WatchDog for DMS
  17. UEBA (User Entity Behavior Analytics)