Success of Ransomware Attacks Shows the State of Cybersecurity

Every few years a major threat emerges that dominates the attention of security vendors, start-ups, media and board meetings. APTs, IoT Security and Cloud Security are among such threats. Today, it is safe to say that Ransomware is dominating the conversation, especially after so many high profile incidents have been part of the news cycle, such as Colonial PipelineCD Projekt RedJBS, the Kaseya supply chain attack, as well as many stories on healthcare providers being victimized by such attacks. 

What makes Ransomware different than the previous threats that were in the spotlight is that it doesn’t represent a capable new threat actor such APTs or a jump in the attacks’ sophistication like in IoT security. Ransomware isn’t new, its delivery methods aren’t new, even demanding ransom isn’t new. The technical innovation presented in Ransomware incidents, encrypting files on a hard drive, can’t be considered very sophisticated. Yet, despite dealing with a threat that we had many years to prepare for and protect ourselves from, Ransomware is incredibly popular because it works, and it is very profitable for the attackers. 

In previous threats, the security industry has faced challenges of new technical capabilities emerging from threat actors, which required the vendors to catch up. In the heyday of banking malware, new innovative features such as HTML injections and Man-In-The-Browser were introduced by their developers, causing vendors to struggle in identifying fraudulent activities. APTs proved to be a major threat because they were able to circumvent traditional cyber defence doctrines, which focused on the perimeter and had no “strategic depth” of detecting attackers after they were already in the systems. IoT and Cloud security required new approaches as the environments that they aimed to protect were quite different than the environments that security solutions were designed for. Ransomware, on the other hand, has none of these challenges.

Continue reading on SecurityWeek

Facebook
Twitter
LinkedIn

IntelFinder is the most cost effective threat intelligence solution on the market, offering customer-specific and actionable therat intelligence at a fraction of the cost. We cover a wide variety of threats, such as similar domain registration, rogue apps, leaked employee credentials, leaked source code, leaked documents, exposed subdomains and more – all for only $250/month per brand.

IntelFinder is offered with a one month free trial – no strings attached and no credit card information required! 

TRY INTELFINDER NOW

Let's Be In Touch

Do you prefer talking with us before trying out the service? no problems!