Ransomware continues to be the main security threat now and beyond; some nations even classify it as a national security threat. Just imagine what would happen if a ransomware attack breached a nation's mission-critical infrastructure and various government agencies.
Besides the high-profile cases that have been exposed to the public, in real life most enterprises will choose to compromise and pay the ransom rather than let the public become aware of what is happening to them. The concern is not just public reputation, but also the various potential risks of the incident in the perception of various stakeholders.
Back to the topic: ransomware continues to be the main security threat now and beyond because, at present, there is no bulletproof solution on the market that gives you a 100% guarantee against ransomware. It is not about viruses or worms; it incorporates specialized, targeted exploits to gain access to a specific network or application and then performs mass file encryption. Your files are encrypted, and the special key to unlock them is given only if you pay the ransom demanded, typically transacted in bitcoin, which cannot be traced.
A truly effective solution is holistic in approach, covering information security practice inside and out, from the system and server to the network. On the network, make sure only the needed ports and services are open, and lock down permission to specific devices or IP addresses, or better still, to trusted devices with a certificate issued by the company. The same applies to servers and endpoint devices. Perform ongoing vulnerability assessment and make sure all vulnerable services and applications are patched or upgraded in a timely manner; otherwise, temporarily block access to them. On servers and endpoints, you need to perform virus, trojan and worm scanning as well. Finally, and most important, keep a backup copy of the data available in remote storage or an archive, to provide continuous data protection (CDP).
As you can see, if the user or enterprise misses any one of these, whatever they have invested will not be able to defend against a ransomware attack. The bigger the enterprise, the less likely it is to be able to protect all of its assets across network, server and endpoint. User security awareness training also needs to be conducted and reinforced, to prevent website and email pharming and phishing from leading a user to execute the ransomware by accident.
Furthermore, in the IT world, zero-day exploits do exist. This is why you keep seeing news of immediate exploitation of popular commercial software: it gives attackers instant access to a huge number of targets. And, of course, anyone caught without a backup will need to pay the ransom.
E-SPIN Group is in the business of enterprise ICT solution supply, consultancy, project management, training and maintenance for corporations and government agencies, doing business across the region and via the channel. Feel free to contact E-SPIN for your project requirements and inquiries.