Page 52 - Cyber Defense eMagazine March 2024
P. 52
they target. There's been a discernible shift from focusing on the quantity of data to now focusing on the
quality of stolen information. By gaining access to and extracting the most valuable information, threat
actors can command higher prices for the organization's most sensitive data.
Beyond monetary extortion, tactics include public shaming on dedicated sites or within industries, or
disclosing the breach to the victim’s customers and business partners. The personalization of attacks has
escalated, with threats extending to victims' families or a company’s board of directors. Recent instances
reveal threat actor groups even involving government entities, contacting regulatory bodies like the SEC.
The strategies seek to exploit the victims in sometimes bespoke disruptive personal, as well as
professional ways.
Additionally, threat actor groups are demonstrating collective adaptability through the utilization of
impersonation tactics or by emerging as secondary actors in hijacking activities. This collective
adaptability poses a significant risk, as it can result in negotiations being taken over, leading organizations
to unintentionally pay the wrong entities, or be forced to pay a ransom twice. Given the 97% surge in
ransomware attacks throughout 2023 compared to the previous year, as reported by BlackFrog, it is
imperative to adopt a proactive and resilient approach to mitigate evolving and increasingly impactful
threats.
Addressing and Overcoming Threats
Organizations must conduct a risk assessment to pinpoint vulnerabilities and take action to shape their
cybersecurity strategy to achieve optimal cyber hygiene. This process offers a snapshot of an
organization's current vulnerabilities and architecture, identifies any cybersecurity gaps, and then creates
a strategy to address those gaps and implement measures to build resilience. Addressing identified
weaknesses from these assessments is pivotal for better preparedness against potential ransomware
and cyber incidents.
While cybersecurity strategies should align with an organization's risk assessment, companies can
enhance their defenses by adhering to fundamental best practices. This involves adopting Multi-Factor
Authentication (MFA), deploying a Managed Detection and Response e (MDR) solution, keeping up with
patching, maintaining good password hygiene, and having offline, regularly tested backups of data.
Additionally, an Incident Response Plan (IRP) should be implemented to outline all the steps that
organizations need to take after a cyber incident occurs. Having an IRP will significantly reduce response
time and help guide businesses in times of chaos. It is important to tailor the IRP to the organization’s
structure and processes and test it regularly.
Utilizing a cyber insurance provider is a practical and strategic tool for cyber preparedness and response.
The cyber insurance market is rapidly growing, projected to reach $29.2 billion by 2027. Cyber insurance
providers are essential partners in preventing and addressing cyber incidents and ransomware attacks.
They offer continuous support throughout the policy period, providing educational resources, solutions
based on risk profiles, and alerts on vulnerabilities. In the event of an incident, these providers leverage
their expertise to guide organizations strategically and efficiently, mitigating business interruption, liability
exposure, and commercial impact.
Cyber Defense eMagazine – March 2024 Edition 52
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.