Page 141 - Cyber Defense eMagazine December 2022 Edition
P. 141

But  while  new  tools  can  help  combat  ransomware  attacks,  organizations  may  be  overlooking
            fundamental gaps that will allow attackers to bypass their expanding security stacks.



            Ransomware remains top of mind for organizations



            The fallout, and possible damage to an organization’s reputation, from a ransomware attack, remains a
            top concern for organizations when addressing their security operations.

            This  fear,  combined  with  an  expectation  that  ransomware  will  eventually  successfully  impact  their
            networks,  has  led  organizations  to  divide  their  focus  between  defending  against  intrusions  and
            extenuating their effects.

            That has included an increased focus on recovery efforts, such as companies purchasing cyber insurance
            to mitigate potential losses or opening cryptocurrency accounts as a preparedness measure to pay the
            ransoms that attackers may demand.


            These efforts come alongside organizations’ desire to mount a more robust defense to reduce their risk
            of  a  ransomware  attack,  adding  new  tools  to  their  technology  stack.  However,  while  pursuing  new
            solutions may offer organizations new capabilities, they may not reduce risk if foundational cybersecurity
            practices remain overlooked.

            Threat vectors such as unmonitored devices accessing the network and malware-stolen session cookies
            that  can  enable  session  hijacking  can  be  as  damaging  as  traditional  ransomware  entry  points  like
            unpatched software or phishing emails.

            Implementing new solutions without first addressing the core issue can leave organizations with critical
            security gaps that make them more vulnerable to ransomware attacks and are ultimately a band-aid on
            a bullet wound when it comes to a true defense program.



            The attacker is already inside the house




            As attackers already have access to an organization’s data before deploying ransomware, IT security
            professionals  must  be  able  to  prevent  potential  breaches  through  solutions  like endpoint  protection,
            credential monitoring, user and entity behavior analytics, software patching, and other best practices.

             But  even  with  those  steps  in  place,  organizations  face  vulnerabilities  from  third-party  and  partner
            applications that may sidestep cybersecurity tools. The risk of a third party-based cyberattack was ranked
            as the top concern for organizations when reflecting on their cybersecurity plans, coming ahead of the
            sophistication of ransomware attacks and the frequency and severity of malware.







            Cyber Defense eMagazine – December 2022 Edition                                                                                                                                                                                                         141
            Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
   136   137   138   139   140   141   142   143   144   145   146