In 2020, the threat actors perfected ransomware schemes, and in 2021, the focus will be more on extorting stolen and sensitive data to gain the largest profit possible.
There is a need to reset and reinforce the existing security posture across enterprises as ransomware attacks see no sign of slowing down. With employees working from remote locations, the business cyber-attack has increased prominently – as they are away from the secure office network.
Given the situation, cybercriminals are taking advantage of this exposure with a wave of cyber threats. This rapid evolution indicates that the marketplace could outrun security defenses – as ransomware and insider threats are becoming grave. As a result, CISA has also re-issued guidelines to encourage cyber readiness.
Maxine Holt, Senior Research Director at Omdia, believes the increasingly demanding and sophisticated ransomware is likely to take over the threat landscape. She noted, “It isn’t new, but it’s really grabbing attention right now…The Manchester United cyber-attack is a high-profile example of what many organizations will continue to face.”
Thus companies are implementing advanced security solutions to minimize the risk of data breaches and cyber-attacks. Maxine continued, “Depending on where the company is registered; they could be caught between a rock and a hard place when it comes to paying ransoms, potentially recovering data, and incurring fines. Compliance and privacy both need to be ramped up.”
Although all organizations are at risk due to the work-from-home model, experts believe the healthcare sector will be the primary target in the next year. This is simply because healthcare units are actively functioning to find a vaccine for COVID-19. And similarly, the ransomware attackers are scrambling to make the most profit.
Lately, they are spamming via modern tools in their attack strategy to encrypt a business. While technologies are evolving, criminals have created sophisticated solutions to seed genuine websites and users’ inboxes with malicious code. These targeted attacks have a notable success rate.
In this context, Andrew Daniels, CIO and CISO at Druva, cited, “Everyone will need to focus on data recovery, but the threat surface will be dynamic. Protection and recovery must be included in any strategy because successful attackers are taking multiple approaches while also threatening to expose data they’ve exfiltrated. Strong data protection architecture will be key to ensure endpoints aren’t cluttered unnecessarily with sensitive or confidential data like PII.”
Unsurprisingly, ransomware is big money! As cryptocurrencies are thriving and their traceability is questionable, the attackers will carry on their assault and are expected to attempt sophisticated tactics to get to available data. As a result, a business model should focus on protection and recovery in every level of their plans.
Andrew Daniels explained, “The focus should be on backing up such data, and then restoring it temporarily at a future time, if and when required. You back up the data, and if you need it down the road, you can restore it temporarily. Additionally, organizations should think about more aggressive reminders or maybe even penalties for not following data lifecycles, which will be important to minimize exposure risks.”