There are three significant and disruptive cybersecurity threats that amaze organizations of all types and sizes:
Cloud incorrect configuration; And
Back door supply chain.
I will explain with recent examples and guide you on what you can do to avoid making mistakes for others and avoiding falling victim to threats.
Let's start with ransomware. This is the most dangerous threat facing your organization today. Why? Because it doesn’t matter how you work, you can literally bring in operations and incur significant costs, pain and suffering.
See a recent example of an organization. It was infected with ransomware and the operation was halted after the IT system was shut down for several weeks. It had to slowly restart the system for several more weeks. It is estimated that the lost sales, recovery and remedies, effective on profits, will cost about 95 million. Also, announced that it will not be able to get growth plans for the year.
Take another recent example. The system at three hospitals was infected and could not accept any patients for several days as the IT system was shut down. Gradually the IT system had to work on paper for many days until it was restarted. Fortunately, in this case, the incoming patients did not suffer any loss of life and were able to be diverted to another hospital on time, but it can be tragic.
No body is immune to ransomware and it can return to its ugly head at any time and cause severe pain.
There are many types and everyone can be easily pinched by attackers to avoid defenses. RUK ransomware is an example of how this year has already caused significant pain to hundreds of organizations in the United States and around the world. Earlier, Samson ransomware attacked various organizations in the US and Canada, allocating 6 6 million in ransom and causing more than 30 30 million in damage. Earlier, notebook ransomware rapidly plagued hundreds of organizations in various parts of the world, causing more than 10 billion in damage.
The attackers see that ransomware is quick and easy to infiltrate and encrypts some data rather than trying to decipher them all. They are asking themselves, why should they try to find and steal all the data without paying the ransom?
They are seeing that ransomware will have immediate adverse effects because the victim will not be able to access and operate critical data and systems. Therefore, it is more likely that a ransom will be paid to stop the pain and suffering, especially if the victim is replaced by cyber insurance. The organization will use the insurance policy to pay the ransom instead of interrupting or shutting down its operations.
They also see that most organizations have created various controls to prevent and detect data theft, but they don’t put as much weight on preventing and detecting ransomware. Many organizations have a lot of data and all the data related to the incident is given to the theft and reported in the press, focusing on data theft. But ransomware risks cannot be ignored or approached less seriously.
Imagine that you are infected with ransomware and your people cannot access and operate documents, files or systems. All critical files and systems are locked from ransomware encryption and ransom is demanded from the hacker for the key to unlock encryption. If so, will it take you days, weeks, or months to recover? How will it affect your organization?
You think you'll be able to recover files and system backups quickly, but are you sure? New ransomware variants are created to detect or delete or encrypt backup files and systems and, in some cases, first, before encrypting the remaining files and systems.
The recently infected organization had estimated a financial impact of $ 95 million from ransomware that it would take the risk under its control unless it could control the risk, unless it was willing to manage the risk.