The sudden and massive shift to a remote work policy across the Department of Defense and the contracting community has created a perfect storm of cyber challenges needing to be addressed. To combat ransomware, the approach of Airgap Network’s Zero Trust Isolation among devices to applications AND devices to devices is making a lot of sense by enforcing strict multi-factor authentication access controls and network monitoring inside or outside the networks through a single platform.
Asigra Inc. recently highlighted five ransomware risks expected to impact organizations in 2021, partly driven by an increase of sophisticated ransomware attacks around the globe. With coronavirus-influenced, IT trends evolving and a shift in IT solutions and services underway, here is the shortlist:
- Ransomware Attacks on Kubernetes Containers: The deployment of Kubernetes-based containers is growing rapidly as it allows the software to run consistently between computing environments, making it highly portable, productive, and ideal for digital transformation. Along with these advantages comes the generation of massive data volumes, making these new environments prime targets for new ransomware variants. Mitigating these attacks will require an industry-wide approach to ensuring the viability of these environments before, during, and after such attacks.
- Cyber-targeting of SaaS-Based Applications: With the increase in distributed enterprise operations and remote work environments, there will be continued adoption of SaaS-based applications. Beyond the flexible use of these applications, they offer cost, time, and scalability advantages in many cases. However, they also create a new data source that is vulnerable to ransomware and must be protected.
- AI-Driven Cyberattacks: Artificial intelligence and the Ransomware-as-a-Service technologies that enable it are becoming more autonomous and advanced. The resulting new capabilities are allowing criminal organizations to conduct more complex and targeted attacks. To counter these more intelligent attacks, organizational defenses must also evolve.
- Ransomware Payments to Become Illegal: The US government has expressed intentions to align the payment of cyber ransoms with the support of terrorist organizations and will likely make these payments illegal. It is expected that other nations will enact such laws as well, especially to defend against possible nation-state sponsored actors. Without the ability to retrieve criminally encrypted data or recover properly, ransomware attacks will become business ending events.
- Managed Security Service Provider Registration with the Government: The US government will move to require MSPs/MSSPs that provide cybersecurity services to register their organizations with the government, adding more regulations as the ransomware trend continues to accelerate. *
According to the US Government’s Cybersecurity & Infrastructure Security Agency (CISA), “the organization has observed continuing ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay. Malicious actors increasingly use tactics such as deleting system backups, which make restoration and recovery more difficult or infeasible for impacted organizations.”
One way to address any of the above challenges is to deploy Zero Trust network security design — trusting no one and verify every single time. This involves a mindset shift and, maybe erased what we have learned in the past decades on corporate network security design.
During the ransomware outbreak, organizations need to ready themselves to properly and quickly respond to ransomware attacks regardless of what has been attacked. The emergency shut-off valve, Ransomware Kill Switch, should be by the side of any CISO, ISO, IS, or IT leaders to neutralize any further propagation damage in microseconds. For more information, check out https://airgap.io