Vibhav Agarwal

Ransomware Cyber-Attacks: Best Practices and Preventative Measures

“WanaCrypt0r 2.0” or “WannaCry,” an unprecedented global ransomware cyber-attack, recently hit over 200,000 banking institutions, hospitals, government agencies, and other organizations across more than 150 countries. The ransomware encrypted user data and demanded a payment in bitcoins to unlock it. The organizations that were hit included Telefonica, Spain's largest telecom provider; more than 16 hospitals in England's National Health Service (NHS); US package delivery company FedEx; and many other high-profile targets.

Across the world, cyber-attacks are on the rise. CSO magazine cited the FBI as saying that $209 million had been collected in ransomware payments in the first quarter of 2016 alone. These attacks illustrate how unprepared most organizations are to counter the growing menace of cyber threats. Many large organizations still use unsupported or older versions of software, encounter significant delays in patching vulnerabilities, and perform fewer automated backups, thereby putting themselves at grave risk. As the scale and impact of cyber-attacks grow, it is imperative for CIOs, CISOs, and other business leaders to diligently address basic areas of cybersecurity to avoid disruptions in their critical business operations.

KEEPING CYBER THREATS IN CHECK

Detecting covert cyber threats lurking in enterprise networks, and orchestrating a common cyber risk taxonomy are integral to an organization’s security blueprint. The first step in that direction is to strengthen data governance and accountability by building a centralized repository and consistent taxonomy to manage the cybersecurity areas of compliance, IT assets, IT policies, risks, and controls, as well as the relationships across these data elements.

In addition, an integrated IT GRC solution can be leveraged as a strategic and operational tool to solve complex ransomware and cybersecurity challenges. The solution can help manage and mitigate IT security risks, vulnerabilities, and advanced attack threats by leveraging multiple threat modeling and risk assessment methodologies such as STRIDE, DREAD, and other approaches based on quantitative factors. Pre-built methodologies for IT risk assessments and threat assessments can help organizations improve visibility into the overall IT and cyber risk landscape.

Organizations will also gain from pre-built integrations with leading threat feed providers. By consolidating “early warnings” or notifications from these trusted sources into a searchable database, users receive comprehensive details on each threat, CVE ID, source, affected technologies, controls, threat and patch records, and possible remediation mechanisms.

Using this data, users can automatically notify the responsible personnel to proactively address the threats before systems are compromised. A robust IT GRC solution can also help organizations integrate with patch management solutions, vulnerability scanning devices, and infrastructure management tools to centralize data and assets, classify critical assets, identify issues, and track the vulnerability remediation status on an asset-by-asset basis. The solution can serve as a repository of the latest patches released by various software vendors to mitigate specific vulnerabilities. This data will enable enterprises to prioritize the implementation of patches or workarounds based on the criticality of each asset.

The other benefit of an IT GRC solution is that it can serve as a path to organizational compliance with industry-standard cybersecurity regulations by standardizing and harmonizing control sets across multiple regulations. It can also provide a consolidated view of the status of compliance with cybersecurity standards through a detailed gap report of operating controls that have not been mapped to reference controls as prescribed by the standard. This report will enable organizations to take proactive steps towards closing compliance gaps. Visualization tools can help users manage and monitor threat and vulnerability trends, as well as the organization’s risk posture, and issues in real time. Configurable dashboards can also help the company view underlying risk data, and gain a complete understanding of the potential impact of these risks on the business.

KEY BEST PRACTICES

  • Manage software updates systematically

Update old software and keep patches current so that hackers have no weak spots to exploit.

  • Assess and mitigate IT security risks

Align IT security operations with business priorities, and perform periodic IT risk assessments based on vulnerabilities, patch levels, and security policy reviews to ensure a higher state of readiness.

  • Ensure consistent compliance, privacy, and security

Establish security policies or protocols to prevent external threats, and proactively anticipate potential ransomware attacks.

  • Develop contingency plans with regular online backups

Identify the most critical assets, and implement strong periodic backup mechanisms (e.g. cloud-based backups).

  • Gather threat intelligence

Obtain advance intelligence on threats, which can help in patching the vulnerabilities that are most likely to be exploited by cyber criminals.

SUMMARY

With ransomware and other cyber-attacks on the rise, it is of utmost importance that organizations of all sizes have the right detection and preventive techniques to proactively counter these attacks. Getting one’s basics right is the first step. A robust backup strategy, coupled with threat or risk assessments, and employee training can go a long way towards preventing cyber-attacks. These small investments can eventually save the organization tens of millions of dollars, as well as its reputation and brand.

By Vibhav Agarwal

Vibhav Agarwal is the Director, Product Marketing at MetricStream.

Vibhav has 11+ years of progressive experience in Enterprise product marketing, sales management, ERP & CRM program planning and delivery, software vendor selection and implementation across Hi-Tech, Trading & Capital Markets and Internet domains. Worked extensively in various roles dealing with multinational conglomerates as well as mid-sized companies like Info Edge India, in deals ranging between 0.5-30 million USD. Exposure to all stages of product and IT applications, sales & marketing, product management, and enterprise implementations.
