Ransomware is not a new form of attack. However, in recent years, there has been a concerning rise in attacks, and companies of all sizes in various industries are the victims.
The ways that ransomware attacks enter networks haven’t changed much over the past few years. Attackers achieve success using phishing and social engineering techniques to exploit poor cyber hygiene and lack of cybersecurity awareness training. But recently, attacks have increased as businesses change and adapt to post-pandemic life, whereby attackers exploit loopholes in the Remote Desktop Protocol (RDP) and find a greater number of unpatched software applications.
Attackers split target victims into three main groups:
- Unprepared to Very Light-Prepared Organisations: these organizations are usually struck by the mass technique of “hit and hope”, as this technique can be utilized by attackers with lower-grade skillsets, due to the low level of acquisition required and the readily available well-automated hacking tools. These attackers ask for small ransoms in the thousands of pounds, relying on the mass effect.
- Light-Prepared to Prepared Organisations: these organisations are the subjects of targeted tactical attacks where the attackers take time to do as much damage as possible, then ask for hundreds of thousands to millions in ransom. The ROI is on a risk-and-reward basis, and ransoms are specific to each target.
- Well-Prepared Organisations: these organisations are subject to carefully targeted attacks. If the attacks are executed by state-backed actors, their goal is rarely a ransom. The hackers do not intend to ever provide the keys. The ultimate goal is to ensure the victim is unlikely to restore the services. This is why they ensure that the encryption of every folder and file is with different keys.
Getting the basics right
Verizon’s 2022 Data breach report (2022 Data Breach Investigations Report | Verizon), found that 82% of breaches involved the human element, including social attacks, errors, and misusage, with three main issues being:
- Weak password policy
- Use of default credentials on third-party systems (similar to keeping the manufacturer’s admin password on your home WiFi router)
- Unnecessarily exposed systems (publicly visible systems that provide potential entry points for threat actors)
Essential Security Controls
Vivid Adapt’s Essential Security Framework (ESC) looks to deliver an approach that streamlines and improves cyber hygiene and compliance without extensive re-engineering or heavy investment. The ESC provides a simple way to understand and visualise your current security posture and evaluate how effective it is in protecting your business against the most common and dangerous cyber-attacks by improving cyber hygiene across all users and all devices. It provides clear goals for an organisation looking to mitigate the risk of data breaches by hardening systems against attack, limiting the damage caused in a potential attack and making it easier to recover from an attack should it impact the business.
Vivid Adapt’s Essential Security Control framework
Our ESC framework enables organisations to measure and therefore manage cyber hygiene at all three components – people, processes and technologies:
- Educating users on Phishing techniques and attack vectors
- Ensuring security patches across all systems and software are implemented correctly
- Ensuring all users follow the best password policies from the IT team to enable strong credentials and MFA for all elements of the backup infrastructure
- Maintaining immutable copies of the data backup
- Maintaining updated antivirus/security software
- Maintaining an email security solution
- Regularly updating security software and applying zero-trust firewall policies
- Removing any unnecessary software/plugins or add-ons
Although no organisation will be fully insulated from highly sophisticated attackers, becoming a difficult target to penetrate will stop the majority of attacks. Especially the low-quality ones. The ESC framework enables all organisations to effectively measure cyber hygiene and reduce the attacking surface across their business that hackers usually exploit.
Vivid Adapt
Vivid Adapt’s team of industry-experienced professionals supports a range of security solutions and assessment services that can help you to understand your current state of vulnerability, identify gaps and strengthen your overall cybersecurity strategy, services include:
- Current state
- GAP analysis
- Risk register
- Project Pipeline
If you are interested in learning more about how our security services can help you understand where your systems or data is most vulnerable and want to know the steps required to protect your business, please get in touch.
Vivid Adapt is a European Managed Security Services provider with offices across Europe. If you are interested in improving your Security Systems please contact us using the form found at the bottom of the page or email us at info@vividadapt.com.
Learn about how the Essential Security Control protects your business