Should you pay ransomware? No.
The SecurityMetrics Threat Intelligence Center monitors the cyber threat landscape and some of the developing cyber news from the past quarter that has been making headlines around the world. October is National Cybersecurity Awareness Month, so our Security Analysts curated a list of some important best practices to consider to protect your business and help minimize risk, vulnerabilities, or threats to your systems and environment.
Should you pay ransomware? No. Read on to learn more.
The dominant cyber threat vector of 2020 has been the incredible surge in ransomware attacks. The COVID-19 pandemic has helped bring these attacks to unprecedented levels, and the SecurityMetrics Threat Intelligence Center is seeing higher levels of ransomware sophistication than ever. Specifically, we see threat actors combining phishing emails with malware.
Threat actors are not only attempting data exfiltration of your “crown jewels,” they are also holding them for ransom. When you think about how many businesses have shifted to remote work and the complexities that come with a distributed workforce, you can see how critical good cyber hygiene is in your business.
The latest advisories from the US Treasury Department have made its stance on paying ransoms abundantly clear. The department released updated warnings for individuals or businesses who pay ransoms or help facilitate ransomware payments: they may be violating anti-money laundering laws and may therefore be sanctioned. The warnings came this past week in a pair of advisories, one from the Financial Crimes Enforcement Network (FinCEN) and the other from the Office of Foreign Assets Control (OFAC).
The FinCEN and OFAC advisories now cover the security firms that provide protection and mitigation services to victims of ransomware attacks. These ransomware payment companies will directly receive the ransomware victim’s fiat funds, which are then exchanged for convertible virtual currency (CVC) and ultimately handed over to the criminal. You want to avoid facilitating ransomware payments to cybercriminals.
Kaspersky Labs recently announced that they are detecting malware, believed to be from China, that can survive operating system (OS) reinstalls. This means that there is malware in the wild that can exploit a Windows computer to stay active even after you clear and reinstall the operating system.
To celebrate National Cybersecurity Awareness Month, the SecurityMetrics Threat Intelligence Center has curated a list of best practices and tip sheets courtesy of cisa.gov. Consider using these tip sheets, best practices, and security awareness education tools to help protect your business, your systems, people, or environment.
Working backwards from large corporate data breaches, we've been able to pinpoint some of the most common attack vectors used in network breaches:
If you are a large franchise or corporate entity with many remote locations, it's crucial to find a network security company that can provide a level of visibility into your gray area networks to monitor for threats, vulnerabilities and malicious activity while also providing assurance to network owners that they are still in control of their own networks and privacy.
Do you know what vulnerabilities threaten your external network security? Pulse is a SOC/SIEM product that helps large enterprises, franchises, and health networks stay ahead of cyber criminals who attempt to exploit an organization’s locations through external vulnerabilities.
SecurityMetrics Pulse includes: