The File Data Factor in Ransomware Defense: 3 Best Practices

Aside from the pandemic, ransomware has become one of the gravest threats to the global economy.  It is no longer a matter of “if” an organization is going to be attacked but “when,” according to Gartner.

The research firm predicts that 75% of organizations will face one or more attacks by 2025. National Security Institute found the average ransomware payout was $200,000 in 2020, up from just $5,000 two years ago as ransomware gangs resort to more aggressive tactics to get what they want.

Large-scale attacks on enterprises—the latest being one against Accenture—are creating regular headlines. The U.S. is the largest region for such attacks, and ransomware accounted for 30% of all U.S.-based cyberattacks in 2020, more than double the rate globally.

Why is ransomware worse now?

The word among security experts is that the Covid-19 pandemic, with its resulting lockdowns and work-from-home mandates, created an enticing new opportunity for hackers.

Employees sometimes use insecure personal devices and networks, accessing desktops over the easily-compromised Remote Desktop Protocol (RDP) software and connected by VPNs which aren’t always configured or secured properly. This has led to a perfect storm of vulnerability at even the largest corporations with massive IT budgets and large teams in place. Ransomware attacks are also becoming more sophisticated.

Ransomware software is now attacking in multiple stages, from penetrating the network, to stealing credentials, to attacking the backup systems. Over this entire time period, which can take weeks to months, companies typically don’t know they are under attack until finally someone suddenly notices files becoming encrypted and unusable.

How does this affect data storage?

Ransomware players are attacking all IT infrastructure, not just servers and applications. In 2021, the network attached storage (NAS) appliance maker QNAP alerted its customers that eCh0raix ransomware was attacking its NAS devices, especially those with weak passwords, as reported in this ransomware paper by ESET.

This is a disastrous prospect, since data growth is…


Is Your Healthcare Organization Following These Four Ransomware Best Practices?

Healthcare is the most targeted sector for data breaches and ransomware attacks were responsible for almost 50% of all healthcare data breaches in 2020, according to the US Department of Health and Human Services Cyber Security Program 2021 Forecast.

While ransomware has been a favorite among attackers for years now, the rate continues to rise each year. The ransomware industry has displayed resilience and determination. Hacktivists and nation state actors are drawn to the disruption it can cause. Cybercriminals are drawn to the profits it can bring in, especially for public health records which can sell for up to $1,000 each on the dark web. In a survey of healthcare IT workers by SOPHOS earlier this year, a third reported they had been hit by ransomware attacks. The bill paid by healthcare providers for a ransomware attack is staggering. The average cost – including the ransom, people time, downtime, equipment, and other impacts on business operations – is $1.27 million.

We can make some assumptions about factors that are causing the steady increase in ransomware attacks: the emergence of “ransomware-as-a-service” platforms; the rapid inflation of cryptocurrency prices is a boon to attackers as bitcoin is used for most ransom payments; healthcare facilities have been overburdened and distracted by the COVID-19 pandemic; tensions between countries has spurred a rise in cyber warfare and criminals internationally.

We have seen ransomware strains come and go just for new and improved versions to take their place. A major evolution in tactics observed over the past year is ransomware being used not only to encrypt the data but also to exfiltrate and hold it for ransom under the threat of leaking the information to the public. An example of this is the breach at Vastaamo, a major Finnish psychotherapy clinic reported in October 2020. Patient files and therapy session notes were compromised, encrypted, and exfiltrated. Even after Vastaamo paid the ransom, the attackers shifted to contacting the patients directly and threatened to release their sensitive therapy data if they did not pay an additional ransom. Therapy session notes and personal data of many patients were leaked…


Coast Guard updating cyber planning and committing to industry best practices for maritime trusted computing – Military & Aerospace Electronics

Coast Guard updating cyber planning and committing to industry best practices for maritime trusted computing  Military & Aerospace Electronics


Best Practices for Web Form Security

Best Practices for Web Form Security

Web form security  ⁠— the set of tools and practices intended to protect web forms from attacks and abuse ⁠— is one of the most critical aspects of overall website security. Web forms allow users to interact with your site and enable a lot of useful functionality. However, once a user can interact with your site to do something useful there is a new attack surface for a hacker to exploit.  

To help you get the usability benefits of web forms while limiting the security risks we’ve created this list of best practices for web form security.

Continue reading Best Practices for Web Form Security at Sucuri Blog.

*** This is a Security Bloggers Network syndicated blog from Sucuri Blog authored by David Zomaya. Read the original post at: