Every now and then, there’s a new headline about an organisation hit by a ransomware attack. How parts of their infrastructure and sensitive data was suddenly encrypted, impacting customers, productivity, and their reputation. What would you do in such a situation? Pay the ransom? Or should you never negotiate with criminals?
Experts at the helm
Naturally, you’d rather never have to make that decision. Though you can never fully prevent being hit by a ransomware attack, you can significantly decrease the chance of it happening. To do that, you first need to understand two things:
How do the bad guys operate?
What do you have that needs protecting?
To help you answer these two seemingly easy questions, we have organised a webinar together with cybersecurity company Intel 471. Two security experts took control of their ransomware submarine.
Maurits Lucas, Director of Intelligence Solutions at Intel 471, took a deep dive to explain what goes on under the surface. How do cyber-criminals develop and distribute ransomware? And how can you spot this activity before it’s too late?
Then, Eward Driehuis, SVP Strategy at Cybersprint, described how you can bring risks in your digital footprint back to the surface. What do you need to map and monitor your digital assets? How can these insights help you prioritise the systems that need your attention the most?
Intel 471 is specialised in the Intelligence aspect of cybersecurity. Their malware solution is able to detect and monitor both adversary intelligence (what do the bad guys talk about, what are they selling/buying?) as well as malware intelligence (what tools do they use to conduct their activities?)
What they see is that most of the malware does not come from a single actor, or even from a single group. Rather, it is the work of actor groups coming together in loose affiliation around, for instance, a certain buyer-seller relationship. As different groups have developed specialties of the malware process, they have to build partnerships to make and distribute an attack successfully.
Intel maps that structure, making them able to see who is responsible for what aspect. Tracking this gives them early warning signals, helping organisations stay more secure.
Linking digital risk to business risk
When Eward took the wheel, he explained how many organisations struggle to get a good grasp on their digital footprint. And if you don’t fully know what assets are out there, how can you repair the vulnerabilities they use to plant their ransomware?
Cybersprint provides a Digital Footprint platform to help organisations build their resilience. To protect from threat actors, you need to look at your organisation in the same way as they do: from the outside-in. What digital assets are out there, how do they link to your systems, and are there any weak spots?
Eward shows how automated and continuous monitoring reveals risks, making sure security specialists can take appropriate action. Well before they’d have to make any dreaded phone call.
Sebastiaan Bosman is Content Marketeer at Cybersprint.
With an educational background in Communications and Linguistics,
he is responsible for creating and editing most of the internal and external communication. He writes content such as blogs, whitepapers, and case studies, primarily based on Cybersprint’s own research data. Previously, Sebastiaan worked as Content & Communications Advisor at ING Global.