Asigra Inc., a leader in backup and recovery software that delivers comprehensive repository cyber protection, today highlighted a number of best practices proposed by providers of both preventative and responsive solutions for combating the financial ramifications of ransomware.
“Ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent,” according to a bulletin released by theFederal Bureau of Investigation.
“Cyber criminals can take advantage of security weaknesses in widely used software programs to gain control of victim systems and deploy ransomware. For example, recently exploited vulnerabilities were discovered in two remote management tools used by managed service providers (MSPs) to deploy ransomware on the networks of customers of at least three MSPs.”
Industry experts often cite two categories of ransomware defensive approaches and solutions – preventative and responsive.
Preventative strategies stop such attacks from succeeding in a way that would maintain business access to their data.
Strategies in this area would include training employees about the proper handling of potential phishing emails, implementing the proper cybersecurity software to protect primary data and a second layer of security-enabled data protection on secondary storage to ensure the complete recovery of criminally encrypted data.
Responsive ransomware strategies includeransomware recoveryexperts(CYPFER Corp. for example) to minimize downtime and potential financial loss in the event an attack was successful.
These measures also include a managed service provider to assist in finding all possible alternatives to return mission critical data to the customer. Additionally, it would alsoinclude a credible cyber-insurance provider at the company’sdisposal to financially cover the event and address monetary damages.
Should devices on a company network unfortunately fall victim to cyber attackers and it is critical that data be recovered, ensure that a ransomware recovery expert is part of theincident response team to negotiate the ransom demand with the threat actors and to try to reduce the financial impact.
To mitigate the risk, the incident response team should investigate all the alternatives, such as recovering from back-ups, rebuilding server environments and deploying free decryption tools, or negotiating with the threat actors.
As a last resort, a company can direct the ransomware recoveryexpert to coordinate and direct the mostsuitable response to the specific threat, and if the decision is made to pay the ransom, negotiate and facilitate the ransom settlement on the victim’s behalf and procure the decryption tools required to restore data files.
“Payingransom to cyber threat actors is not recommended, but sometimes it is a necessary response to ensure business continuity,” said Jason Kotler, Founder and President, CYPFER Corp.
“In these cases, it is essential to negotiate and facilitate payment of the ransom in the proper cryptocurrency and to ensure that your data is unlocked, so that business servicescan resume as soon as possible.”
“The financial impact that ransomwarecan have on any organizationisfrequentlydevastating,” said Marc Staimer, Principal Analyst and President of DragonSlayer Consulting.
“If not properly prepared, damages can go beyond the payment of an exorbitant ransom which does not guarantee the de-encryption of data. It often also includes the loss of revenues from downtime, expensive third-party data recoveryattempts, increases in future insurance costs, and reputational damage.”
“These time-sensitive events need to be addressed quickly. Whether for pre-attack preparation or post-attack emergency support, it is critical to have industry experts available,” said Eran Farajun, Executive Vice President, Asigra. “To provide some level of assurance, the five best practices and the experts referenced will providethe best chance of making it through one of these events.”
For more information on Asigra, please download a case study on cybersecurity-enabled data protection at https://site-files.asigra.com/files/case-study/pdf/pcs-trade-union.pd
The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…
The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…
Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…
A security researcher discovered a vulnerability in Windows theme files in the previous year, which…
The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…