Communication is Key to Addressing Ransomware and Extortion

43
Communication is Key to Addressing Ransomware and Extortion

Recovery can be faster and easier if a company understands and prepares for the full impact of a ransomware attack. Leaders, however, are often unprepared, particularly regarding the critical communications required to notify and instruct all stakeholders impacted by an attack. Leaders must reconsider their approach to ransomware and extortion.

A traditional approach to a ransomware attack is generally focused entirely on a technical assessment. However, ransomware’s consequences stretch far beyond security housekeeping and a system reboot. There is sometimes a disconnect between what needs to be done and conveyed within the organization and existing incident response plans. Leaders must understand that ransomware is a business risk, not just a cybersecurity one, and they must take the appropriate actions properly to deal with any crisis.

Ransomware Strategies Evolve

Although ransomware has been here for a long time, the strategies and objectives of threat actors have recently evolved. They sometimes choose targets based on political considerations rather than monetary gain. Due to the ideological divide, many underground players have called for the return of ransomware threat groups to the mainstream underground and targeting entities, particularly in government, banking, and critical infrastructure industries.

New Strategies Open the Door

New threat actors are also bringing new ideas and methods to the table. Some attacks, for example, are more devastating than disruptive, deleting or causing damage to backups. This nullifies Plan B and makes it more difficult for a compromised target to recover. It can also harm a company’s reputation and credibility.

Access to “plug-and-play” technologies, such as Ransomware-as-a-Service (RaaS) products that can be readily purchased on the Dark Web and deployed, makes life easier for threat actors. There’s also great interest in network access sales, wherein hackers sell a shortcut to a hacked network to smart and experienced threat actors for a fee.

One of the emerging flavors of ransomware is extortion, wherein threat actors launch a public, corporate disinformation campaign targeted at undermining confidence and public faith in a company.

When an organization refuses to pay a ransom, threat actors directly approach individuals whose information has been stolen. As a result, companies may have to protect themselves against a broader ecosystem of stakeholders while dealing with cyber challenges and getting their business back up and running.

Also Read: Safeguarding the Organization Against Ransomware and Cyber Extortion

According to Accenture’s “2021 Cyber Threat Intelligence Report,” there was a year-over-year increase of 107 percent in ransomware and extortion attacks and a 33 percent increase in intrusion volume from extortion and ransomware. These increasing threats put a strain on traditional crisis management, highlighting the significance of coordinated communications and planning.

Bridging the Communication Gap

When all aspects of a company work together, the entire company benefits. Tabletop exercises are common among cybersecurity professionals, but they should be expanded to include executive-level exercises. This allows businesses to test their security against a ransomware attack in front of their stakeholders, simulating the intensity and risk of a “real-life” attack.

An organization’s recovery can be hampered if it takes an uncoordinated first step. Companies can prevent the domino effect by defining a playbook and providing a clear plan for the entire business, directed by the C-suite.

Maintaining regular cybersecurity patching hygiene processes and incorporating an intelligence-driven strategy to attack surface management and vulnerability programs are critical to averting ransomware. To be more resilient, businesses must better understand their internal reporting duties and operate in a thoughtful, transparent, and factual manner.

For more such updates follow us on Google News ITsecuritywire News