Forward by Laura Baker, CyberWyoming. Just reading the news over the past month, I have been amazed at the resurgence of ransomware attacks and data breaches. With October being National Cybersecurity Awareness Month, I want to remind Wyoming-ites to Do Your Part! #BeCyberSmart. Cybersecurity is everybody’s responsibility and affects all industries.
By Chris Bonatti, President of IECA, Casper, WY
Ransomware infections are one of a comparatively few types of cyber intrusions with a profit motive. Well that profit motive is alive and well, as ransomware campaigns are growing in number and sophistication.
The list of high-profile targets that have been taken out by ransomware this year overwhelms our ability to do justice to each of their stories. Recent victims include Canon, Garmin, University of Utah, Jack Daniels Whiskey, Carnival Cruise Lines, Luxottica, Tyler Technologies, and now Universal Health Services (UHS), which had equipment at over 400 healthcare facilities taken down by ransomware.
Researchers at BleepingComputer published findings in which they (see ‘bleepingcomputer.com/news/security/the-weekin-ransomware-september-25th-2020-a-modern-daygold-rush/’) documented the emergence of at least 14 new ransomware strains during the single week of 19- 25 September. Most of these were likely low-end campaigns by script kiddies, but we are also now facing the threat of ransomware as a service, such as seen in the Sodinokibi and REvil campaigns.
The major vector for spreading ransomware has long been phishing. However, this is now being eclipsed by targeted exploits against the Remote Desktop Protocol (RDP) and Samba, and most recently Zerologon.
Remember that it’s not just the initial intrusion that spreads ransomware, but the ease with which it spreads (or doesn’t) through your organization. If your organization doesn’t practice micro-segmentation and comprehensive backup, or if you don’t have a ransomware response plan, consider giving IECA a call.