Do you remember a commercial with four out of five dentists recommending a brand? Or maybe eight out of 10 hairstylists commending a product? Well, in this case three governments have joined together to warn of increased threats of ransomware globally. It’s a dangerous trend, but there are actions you can take to reduce risks and impact.
The U.S., Australia, and the U.K. pooled observed behaviors and trends to pen a report warning of “ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally.” The results of their joint analysis was recently released by the Cybersecurity & Infrastructure & Security Agency.
Alert (AA22-040A), 2021 Trends Show Increased Globalized Threat of Ransomware, noted American agencies have observed incidents involving ransomware against 14 of the 16 U.S. critical infrastructure sectors, including:
Meanwhile, ransomware has also targeted Australian infrastructure in the Healthcare and Medical, Financial Services and Markets, Higher Education and Research, and Energy Sectors. Education is a top sector attacked in the U.K. along with “attacks targeting businesses, charities, the legal profession, and public services in the Local Government and Health Sectors.”
The three cybersecurity authorities also shared several technical details about the ransomware attacks. Their findings suggest continued threats of ransomware in which cybercriminals:
Particularly unnerving for our client base, the report also observed ransomware threat actors are targeting all sizes of business and managed service providers (MSPs) in particular. With trusted access to several client organizations, the MSP is a prime target because the initial compromise could mean access to multiple victims at once.
Beyond governments warning of the risk, the global business community is also anxious about the rising threats of ransomware. Allianz annually surveys 2,650 experts in 89 countries and territories, including CEOs, risk managers, brokers and insurance experts to develop its global and country risk rankings. Cyber incidents topped the findings at 44% of the responses for only the second time in the Risk Barometer’s history. Business interruption came in second at 42%.
Within the cyber incident category ransomware was “confirmed as the top cyber threat for the year ahead by survey respondents (57%).” We’ve all witnessed the widespread impact of recent attacks such as Log4J or Kaseya, or the Colonial Pipeline hack in the U.S.
“Ransomware has become a big business for cyber criminals, who are refining their tactics, lowering the barriers to entry for as little as a $40 subscription and little technological knowledge,” said Scott Sayce, Global Head of Cyber at Allianz Global Corporate & Specialty (AGCS) and Allianz Group.
Despite the distressing predictions of growing threats of ransomware, you can take action to reduce the risk. Cut the likelihood of a ransomware attack by:
Pay particular attention to RDP by securing and closely monitoring these services. CISA called for RDP users to:
Further, you can take steps to limit the potential impact of ransomware:
Calyptix’s AccessEnforcer helps MSPs and small businesses avoiding exposing internal systems and applications directly to the Internet. This helps reduce threats of ransomware.
Our Gatekeeper feature provides identity validation (e.g. via active directory) to control access and requires 2FA authentication. Even then, access is segmented at the network level to offer protection without adding complexity. With Geo Fence, our users can also shrink the network attack surface and stop adversary reconnaissance, attacks, probes, scans, DOS attacks, and more.
The CISA alert may have focused primarily on critical infrastructure, but no one is immune from ransomware. Reduce risk of successful attacks with the many mitigations suggested in this article and the help of Calyptix Security’s affordable all-in-one AccessEnforcer solution.