Global cybersecurity authority issue advisory against ransomware

Hyderabad: Businesses are seeing increased ransomware incidents and now different cybersecurity authorities globally have observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organisations globally. Cybersecurity authorities like the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) in US, the National Cyber Security Centre in UK and […]

Hyderabad: Businesses are seeing increased ransomware incidents and now different cybersecurity authorities globally have observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organisations globally.

Cybersecurity authorities like the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) in US, the National Cyber Security Centre in UK and the Australian Cyber Security Centre are seeing incidents involving ransomware against critical infrastructure sectors. These organisations have issued a joint cybersecurity advisory that provides observed behaviours and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.

---

The organisations have observed that cyber criminals in 2021 are gaining access to networks via phishing, stolen remote desktop protocols credentials or brute force, and exploiting vulnerabilities. The report also says some are using cybercriminal services for hire and some are sharing victim information. Some ransomware cybercriminals are diversifying approaches to extort money, says the advisory.

Ivanti security products senior V-P, Srinivas Mukkamala says, “The latest advisory should be the final warning to organizations that are yet to deploy protection against ransomware. The fact of the matter is businesses aren’t doing enough to defend against these attacks, while bad cyber-actors are becoming ever more sophisticated in deploying ransomware attacks. Businesses need to ensure they are staying on top of patching vulnerabilities, no matter how old or new they are, to mitigate falling foul to these vulnerabilities being weaponized. Secondly, businesses need to stay on top of zero-day vulnerabilities. Ultimately, businesses need to invest in technology that can identify and remediate weaponized vulnerabilities in real time.”

Immediate actions to protect against ransomware

• Update your operating system and software

• Implement user training and phishing exercises to raise awareness about the risks of suspicious links and attachments

• If you use remote desktop protocol (RDP), secure and monitor it

• Make an offline backup of your data

• Use multifactor authentication