Page 141 - Cyber Defense eMagazine December 2022 Edition
P. 141
But while new tools can help combat ransomware attacks, organizations may be overlooking
fundamental gaps that will allow attackers to bypass their expanding security stacks.
Ransomware remains top of mind for organizations
The fallout, and possible damage to an organization’s reputation, from a ransomware attack, remains a
top concern for organizations when addressing their security operations.
This fear, combined with an expectation that ransomware will eventually successfully impact their
networks, has led organizations to divide their focus between defending against intrusions and
extenuating their effects.
That has included an increased focus on recovery efforts, such as companies purchasing cyber insurance
to mitigate potential losses or opening cryptocurrency accounts as a preparedness measure to pay the
ransoms that attackers may demand.
These efforts come alongside organizations’ desire to mount a more robust defense to reduce their risk
of a ransomware attack, adding new tools to their technology stack. However, while pursuing new
solutions may offer organizations new capabilities, they may not reduce risk if foundational cybersecurity
practices remain overlooked.
Threat vectors such as unmonitored devices accessing the network and malware-stolen session cookies
that can enable session hijacking can be as damaging as traditional ransomware entry points like
unpatched software or phishing emails.
Implementing new solutions without first addressing the core issue can leave organizations with critical
security gaps that make them more vulnerable to ransomware attacks and are ultimately a band-aid on
a bullet wound when it comes to a true defense program.
The attacker is already inside the house
As attackers already have access to an organization’s data before deploying ransomware, IT security
professionals must be able to prevent potential breaches through solutions like endpoint protection,
credential monitoring, user and entity behavior analytics, software patching, and other best practices.
But even with those steps in place, organizations face vulnerabilities from third-party and partner
applications that may sidestep cybersecurity tools. The risk of a third party-based cyberattack was ranked
as the top concern for organizations when reflecting on their cybersecurity plans, coming ahead of the
sophistication of ransomware attacks and the frequency and severity of malware.
Cyber Defense eMagazine – December 2022 Edition 141
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.