Greetings, all! It's a hot day in Chicago.
If you've paid attention, you've seen articles that say Ransomware attacks have actually declined in the past six months.
Great, right? Everyone's safer!
Jay Vijayan wrote this great, eye-opening encapsulation of the Q1 Ransomware research study by Coveware that found that there may be fewer attacks, but they're more sophisticated, targeted and focused, last longer, and they're asking for (and getting) higher ransoms.
As we've all had pounded into our heads, it's not the ransom that hurts. I know, I know, that can be expensive. But the costs of organizational downtime, recovery efforts, reputation, and credibility last far longer and cost more than any attack.
How are you going to stop Ransomware attacks that have gone well beyond workstations and deep into all infrastructures?
There are all the other behavioral and security tools, which are great, but I've got two words for you: "Zero Trust."
Here are five more: "Application visibility and security segmentation." If you've created a map of your environment and used that to enforce a whitelisted, zero-trust application segmentation policy strategy, you're able to stop East-West spread of a Ransomware or other exploit.
Sure, any server or workstation affected by Ransomware is a bad thing. But if you can stop that traffic from spreading, and you have immediate notification of anomalous traffic, you're ahead of the game.
"...victims paid more ransom money, experienced greater downtime, and took longer to recover from an attack than ever before."