With ransomware attacks like Colonial Pipeline, JBS, and Kaseya dominating the news this year, organisations have the right to feel nervous. Trend Micro Research collated and evaluated ransomware detections in the last six months in over 20 industries, giving you the insights you need to build a strong defence.
Banking, government, and transportation top targets
Due to the unique business characteristics of the banking, government, and transportation industries, it’s no surprise they remained the primary target of ransomware groups. Modern ransomware, specifically REvil, was consistently present in the list of top ransomware detections in the banking, government, and transportation industries.
Defending against modern ransomware
Ransomware compromise is no longer a matter of “if”, but “when.” The good news is that you can mitigate ransomware risks with the following best practices:
1. Secure the access points: Your first line of defence is securing and monitoring the entry points. By understanding the access points commonly used by modern ransomware attackers such as REvil, you can proactively stop any suspicious behaviour.
2. Continuous education and training: The age-old saying “stay in school, kids” rings true here. It’s important that all employees and partners receive consistent training to improve awareness. These sessions should be run by the teams in the trenches during an attack: IT, development, security, and incident response (IR).
3. Invest in cross-layer detection and response solutions: Defense in depth is the motto here. An integrated platform that provides protection, monitoring and tracking of all the potential entry points—email, cloud workloads, networks, endpoints, mobile, cloud storage—allows security teams to gain comprehensive visibility for earlier detection and faster incident response.
4. Create a plan: Invest in IR teams and establish a game plan for prevention and recovery. Constantly update the playbook to ensure its reflective of your current environment and cybersecurity approach.
5. Practice makes perfect: Just like an athlete practices to prepare for the big game, don’t wait until an event occurs to see how everyone responds. Running simulated cyberattacks gives decision-makers like yourself, security, and IR teams an idea of potential gaps and areas that need improvement.
For more insights to bolster your security strategy, read our research article Modern Ransomware Shakes Up Banking, Government, Transportation Sectors in 1H 2021.