Monday, September 25, 2023

Cyber ​​resilience combines data security and protection

Must read

Shreya Christina
Shreya has been with for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

“Triple extortion” or “quadruple extortion” attacks, which additionally include distributed denial of service (DDoS) attacks or third party threats, are now also part of the modern risk landscape, according to Alexander Applegate of cybersecurity firm ZeroFox.

Meanwhile, attack attempts have also become so common that they are virtually guaranteed. According to an Sophos Survey 202266% of companies have experienced a ransomware attack in the past year, almost double the number of 2020. A 2022 report by Enterprise Strategy Group (ESG) puts the figure at 79% of organizations affected in the past year.

ESG practice director and senior analyst Christophe Bertrand adds this disturbing addition: “I ask the 21% who say they have not experienced an attack because I think the ransomware virus is probably lurking in their systems.”

Ransomware attacks have become more virulent

Ransomware threats have become more damaging in several ways: attacks are on the rise, cybercriminals are demanding more ransoms, successful intrusions are used to compromise multiple data streams, and attacks are spreading beyond IT systems to critical infrastructure critical to business operations .

A Sophos Report 2022 identified a new trend: a franchised business model (“ransomware-as-a-service”) in which gangs sell ransomware kits to other cybercriminals, who launch the attacks and then return a portion of the proceeds to the gang. “When ransomware started, it was a small company that attacked users who were not advanced and who would probably pay a few hundred dollars to get their data back,” said Hu Yoshida, chief technology officer at Hitachi Vantara. “But now the game has changed dramatically.”

The utility sector has become an attractive target, as disrupting power, water or critical infrastructure can be harmful to the public. The 2021 ransomware attack on Colonial Pipeline, for example, led to gas shortages in the northeastern United States. And even though Colonial Pipeline paid the $4.4 million ransom, the hackers’ decryption tool was so ineffective that the company eventually started using its own business continuity systems to slowly get back to business.

Governments and public services have also become targets for ransomware. A US Senate Committee Report noted more than 2,300 known ransomware attacks on local governments, schools and healthcare providers in the US in 2021. system, which prompts the president to declare a national emergency.

Download the full report.

This content is produced by Insights, the custom content arm of MIT Technology Review. It was not written by the editors of MIT Technology Review.

More articles


Please enter your comment!
Please enter your name here

Latest article