Given how ransomware has evolved, regular system backups no longer protect against these attacks like they once did, as an article in Tech Radar points out. Backups may still help organizations restore their systems quickly, but they don’t address ransomware threat actors’ latest tactic of exfiltrating data that they then threaten to sell or publicly release if the victim doesn’t pay the ransom. Referred to as the “double extortion” of “encrypt and exfiltrate,” a recent Coveware study found that 77 percent of ransomware attacks involve these tactics. Tech Radar reports that there is good news, with the overwhelming majority of successful ransomware attacks involving stolen or guessed login credentials. It explains that any organization can dramatically harden its security defenses simply by securing its user credentials through comprehensive password security and identity and authentication management (IAM). Related to this, it offers a list of five steps to take right now. Some of these steps include implementing a zero-trust security architecture and mandating the use of multi-factor authentication. Read more at Tech Radar.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!