Ransomware remains a major challenge for enterprises in 2022. But even paying the ransom does not assure victims of getting their stolen data back or protect them from serious financial damage. Our experts at our Next Generation Security Operations Center (NG SOC) understand the trends and challenges of ransomware, and can help you to improve your preparedness.
The 3 most active ransomware families:
Deadbolt Ransomware: targets QNAP & Asustor NAS devices by using a zero-day vulnerability.
Cuba Ransomware: exploits vulnerabilities in Microsoft Exchange Server. The FBI has alerted the business community to its severity.
Conti Ransomware: uses stealth malware including TrickBot, BazarBackdoor and Anchor for initial access.
4, 5, 6... and more versions are surely on the way!
Common techniques for ransomware attacks include the following (the T numbers are MITRE techniques):
(a) Active Scanning (T1595)
(b) Exploiting Public-Facing Applications (T1190)
(c) Brute Force (T1110)
(d) Scheduled Tasks and Jobs (T1053)
The 8 steps our NG SOC advises enterprises to take:
Review existing public-facing applications and patch frequently
Restrict storage server access from the Internet
Disable default accounts, use strong passwords and Multi-factor Authentication (MFA)
Update Anti-virus signatures frequently against sophisticated malware and the latest threats
Deploy Endpoint Detection and Response (EDR) solutions or Managed Security Services
Build and review your incident response plans for faster response and to minimize the impact of an attack
Enforce backup best practices to keep uninfected data and systems in cloud storage and offline
Educate your staff to be alert and vigilant to threats and the main forms of ransomware attack
Fighting off ransomware and cyber attacks is an endless and draining task. You need all the help you can get. Find out how we can make life easier for you: contact us now.