{"id":60815,"date":"2023-09-08T15:38:05","date_gmt":"2023-09-08T07:38:05","guid":{"rendered":"https:\/\/version-2.com\/?p=60815"},"modified":"2023-09-07T14:59:04","modified_gmt":"2023-09-07T06:59:04","slug":"how-the-next-ransomware-attack-will-hurt-you-the-numbers-are-in","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2023\/09\/how-the-next-ransomware-attack-will-hurt-you-the-numbers-are-in\/","title":{"rendered":"How the next ransomware attack will hurt you: The numbers are in"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
<\/i><\/span>
Previous<\/span> Mitigating risk \u2013 data loss prevention helps prevent security disasters<\/span><\/div><\/div><\/div><\/a>
<\/i><\/span>
Next <\/span> Creating a successful remote work policy: examples and best practices<\/span><\/div><\/div><\/div><\/a>\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

<\/p>

75% of organizations have been victims of at least one successful ransomware attack in the past year, disrupting them operationally and financially.\u00a0\u00a0<\/p>

These attacks have become a constant battle between ever more sophisticated attackers and the IT and cybersecurity professionals tasked with keeping them at bay.\u00a0<\/p>

In fact, a new survey<\/a> (co-sponsored by Keepit) tells us that 65% of those IT and cybersecurity professionals name ransomware among the top 3 threats to their organization’s viability, and 13% of those even name it the biggest threat.\u00a0<\/p>

If you are responsible for protecting your organization\u2019s data, are you prepared for the next ransomware attack? If you are concerned about gaps in your strategy, you\u2019re not alone. Many feel their organizations do not have the proper preparation in place to handle the increase in frequency and impact of attacks. So read on, learn where attacks are being targeted, and how to increase your level of preparedness.\u00a0<\/p>

The statistics are fresh and based on a new Enterprise Strategy Group survey of 600 European and North American IT and cybersecurity professionals personally involved with protecting against and recovering from ransomware attacks.\u00a0<\/p>

Get all the latest numbers on ransomware attacks in the full report. Download it for free.<\/a><\/b><\/p><\/section>

What ransomware attackers go after<\/b><\/b><\/h4>

We have reliable data both on which parts of your IT environment are at risk, and which data classes the attackers are most likely to go after. So, let\u2019s take them each in turn.<\/b><\/p><\/section>

The parts of your IT environment most at risk<\/b><\/h4>

Attackers can enter your network at many different points, placing a significant burden on IT departments. But with this data, you will have a better idea of where to strengthen your defenses.\u00a0\u00a0<\/b><\/p>

\u00a0
The element most affected by ransomware attacks \u2013 indicated by 38% of survey respondents whose organization experienced a successful ransomware attack – is their key IT infrastructure<\/b>. Anyone who controls even a small part of your IT infrastructure has tremendous power over you. They no longer even need to kidnap your files. For example, if they can disrupt, or gain control over, your Active Directory, they can shut your operations down for all practical purposes.\u00a0<\/b><\/p>

For obvious reasons, your storage systems<\/b> are also an attractive destination for attackers. Whether on-prem or in the cloud, there is a lot of gold in your data assets.\u00a0\u00a0<\/b><\/p>

But the survey respondents tell us that there are also plenty of other targets under assault in their IT environments. These include networks and connectivity<\/b>, cloud-based data<\/b>, IoT operations infrastructure<\/b>, and last but not least data protection infrastructure<\/b>.<\/b><\/p>

\u00a0\u00a0\u00a0<\/b><\/p>

Especially the last one deserves a special mention. Ransomware attacks are increasingly targeting backup copies of data \u2013 something that 74% of survey respondents were concerned about.\u00a0\u00a0<\/b><\/p>

This is why at Keepit we have gone to great lengths to create backup solutions that eliminate this very risk<\/a> to the data protection infrastructure by insulating your backup in our independent cloud. With our true third-party protection, your data is stored in separate, isolated, immutable storage that is physically and logically separated from the rest of your IT environment. So the risk of attackers being able to reach your backups is greatly reduced.\u00a0\u00a0<\/b><\/p>

While the industry is slowly realizing the importance of such \u201cair-gapped\u201d and immutable solutions, this is not common practice within the backup solutions industry just yet.\u00a0<\/b><\/p><\/section>

The data classes most at risk<\/b><\/h4>

The data class most targeted by the attackers\u2014cited by 58% of the respondents whose organization had experienced a successful ransomware attack \u2014is the one that you are required by law to protect: regulated data<\/b>. This hurts in any way you can imagine, both for you and those that entrust you with their data.\u00a0<\/b><\/p>

\u00a0
But a close second is sensitive infrastructure configuration data<\/b>. Affecting the infrastructure at its core is a very effective way for attackers because it makes it easier for them to steal or damage data and to evade detection.\u00a0\u00a0<\/b><\/p>

In essence, this is how many attackers first gain entry. Once inside, they \u201cclimb the ladder\u201d to compromise an account with admin privileges. And then, they can start breaking things such as configuration settings and access rules, and start stealing.\u00a0\u00a0<\/b><\/p>

We recently saw a brazen example of just such an attack. In this case<\/a>, attackers caused major disruptions and financial losses by compromising both on-prem and cloud-based systems. The attacker:\u00a0<\/b><\/p>

  1. Entered the target network by compromising an on-premises account\u00a0<\/b><\/li>
  2. Leveraged that account to compromise the on-prem Active Directory\u00a0<\/b><\/li>
  3. Used that access to pivot to and compromise Azure AD\u00a0<\/b><\/li><\/ol>

    \u00a0
    All of the target’s Azure storage and compute resources were deleted. If you don\u2019t have a     backup of your Azure AD data<\/a>, building your settings and access control up from the ground again will be difficult and time-consuming, leaving you vulnerable to further attacks in the interim.\u00a0<\/b><\/p>

    Other data classes the survey respondents indicated are usually targeted are intellectual property data<\/b> and mission-critical data<\/b>. Any attack on mission-critical data is frustrating and costly as companies struggle to restore data and operations. But temporary or permanent loss of sensitive intellectual property information is not only hurtful in the short-term until operations are resumed, but can be enormously damaging in the long-term.\u00a0<\/b><\/p>

    All these four types of data are highly desired by the attackers. You can see exactly how much, and a lot more, in the report itself<\/a>. <\/b><\/p>

    As you can see, your IT infrastructure has a major bullseye on its back that bad actors constantly try to hit. Unfortunately, sometimes they will succeed. So, you had better have the right plan in place to deal with the consequences when it happens.\u00a0<\/b><\/p><\/section>

    How the ransomware attacks hurt<\/b><\/h4>

    \u00a0<\/b><\/p>

    When asked in the survey how all those successful ransomware attacks have impacted the respondents\u2019 businesses, the two standout examples were data loss<\/b> and data exposure.<\/b><\/b><\/p>


    But the list of painful effects is long. Some worth mentioning are operational disruptions<\/b>, direct impact on employees, customers and partners<\/b> (such as access to personally identifiable information), and financial, compliance and reputational damage<\/b>.\u00a0<\/b><\/p>

    If you want to know in more detail what pains to expect and prepare for, I recommend that you look through the the official report.<\/a><\/b><\/p><\/section>

    Storytime: Scary ransomware stories from the real world<\/b><\/b><\/h4>

    \u00a0<\/b><\/p>

    Now that you know what the attackers are after, where they hit you and what the main effects will be, let\u2019s get a bit more tangible and look at some recent examples of successful attacks.\u00a0<\/b><\/p>

    Ransomware attackers sure are creative, so you need to be able to anticipate their moves. And for that, it is useful to follow the related news and learn what has worked (for the attackers) in the past. <\/b><\/p>

    \u00a0<\/b><\/p>

    Here is some recommended reading to bring yourself up to date:<\/b><\/p>