Changing tactics and targets: five ransomware challenges for 2021
- Published: Tuesday, 17 November 2020 09:25
Asigra Inc. has identified five ransomware challenges which it expects to impact businesses in 2021, driven in part by an escalation of increasingly sophisticated ransomware attacks globally.
According to the US Government's Cybersecurity & Infrastructure Security Agency (CISA), "The organization has observed continuing ransomware attacks across the country and around the world. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay. Malicious actors increasingly use tactics such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations.”
Organizations today have a false sense of security that their backup will be there for them when a ransomware attack occurs. Sadly, a large number of these attacks now target backup data, preventing business recoveries after such attacks. With pandemic-influenced IT trends evolving and a shift in IT solutions and services underway, Asigra has identified the following challenges expected in 2021 and guidelines for operating successfully going forward:
Ransomware attacks on Kubernetes Containers
he deployment of Kubernetes-based containers is growing rapidly as it allows software to run consistently between computing environments, making it highly portable, productive and ideal for digital transformation. Along with these advantages comes the generation of massive data volumes, making these new environments prime targets for new ransomware variants. Mitigating these attacks will require an industry-wide approach to ensuring the viability of these environments before, during and after such attacks.
Cyber-targeting of SaaS-based applications
With the increase in distributed enterprise operations and remote work environments, there will be continued adoption of SaaS-based applications. Beyond the flexible use of these applications, they offer cost, time and scalability advantages in many cases. However, they also create a new data source that is vulnerable to ransomware and must be protected.
AI-driven cyber attacks
Artificial intelligence and the technologies that enable it are becoming more advanced. The resulting new capabilities are allowing criminal organizations to conduct more complex and targeted attacks. To counter these more intelligent attacks, organizational defenses / defences must also evolve.
Ransomware payments to become illegal
The US government has expressed intentions to align the payment of cyber ransoms with the support of terrorist organizations and may make these payments illegal. It is expected that other nations will enact such laws as well, especially to defend against possible nation-state sponsored actors. Without the ability to retrieve criminally encrypted data or recover properly, ransomware attacks will become business ending events.
Managed Security Service Provider Registration with the government
The US government will move to require MSPs/MSSPs that provide cyber security services to register their organizations with the government, adding more regulations as the ransomware trend continues to accelerate.
One method of addressing any of the above challenges is to ensure a viable backup copy is available to restore all data to pre-attack status. This entails a strong defense of the organization's backup infrastructure, including access to backup software controls. Recent ransomware variants are conducting immutability subversion attacks which are possible because 'step-up' or Deep MFA (multi-factor authentication) has not been applied to backup software.
"Organizations need to ready themselves to properly and quickly respond to ransomware attacks regardless of what has been attacked. One way to do this is to make backup data very difficult to hack," said Eran Farajun, Executive Vice President, Asigra, Inc. "Regardless of the imposing number of routes that ransomware will take in 2021, having a well-planned response plan to get your systems back up and running in the least amount of time will be critical to ensuring business viability."