Your Cyber Hygiene: National Cybersecurity Awareness Month
By Arti Raman, CEO and founder, Titaniam
In this digital age, companies ingest and retain more data than ever before from customers and employees. This also means that companies have more to protect. Personally Identifiable Information (PII), such as names, addresses, Social Security numbers and payment information are all vulnerable to data breaches and compromise. A data breach can be devastating to everyone involved, ruining company reputations and seeing customer information on the dark web. Cybercriminals have even begun targeting valid user credentials to exfiltrate and extort company data, making it that much harder for companies to defend against attacks. In a recent survey, over 70% of the companies surveyed reported a ransomware attack within the last 5 years. Of those who were attacked, 68% experienced data exfiltration.
It is time for companies to begin restructuring their cybersecurity strategies and for individuals to increase their cyber hygiene.
Understanding & Defending Against Ransomware Attacks
Companies are now experiencing ransomware attacks at an alarming rate. These companies can identify these attacks through three distinct stages: infiltration, data exfiltration, and system lockup through encryption. If attackers succeed at any stage, they will have access to additional extortion leverage and ultimately win.
Stage One
Infiltration – Attackers will find a way inside company infrastructure through methods like stolen valid credentials or identified vulnerabilities. This initial access can be used to observe protocols and eventually leave a second way into the system later. This backdoor can then be sold as information or even as an entry point for an entirely new set of cyber criminals. An effective countermeasure at this stage is utilizing prevention and detection technologies meant to provide the groundwork of a solid defense.
Stage Two
Data Exfiltration – This stage of a ransomware attack exhibits the most lucrative stage for attackers. This is when attackers can utilize the rich data stolen to receive ransoms from their victims, or even groups associated with their victims, such as employees or customers. Companies looking to defend against data exfiltration should look towards all three methods of data encryption (at-rest, in-transit and in-use). These techniques will keep data encrypted at every stage and render it useless for would-be attackers.
Stage Three
System Lockup – System lockup can be considered the most recognizable stage during a ransomware attack. This stage can be used to extort those who have improper cybersecurity hygiene, meaning they don’t employ proper backup and recovery methods. The most effective defense at this stage in a ransomware attack is also exactly that – proper backup and recovery tools that help to ensure dataloss is not permanent.
Companies looking to protect against ransomware attacks and enhance their cybersecurity tactics should use technologies that neutralize the use of data stolen. In other words, cybersecurity experts must leave attackers with negligible room to achieve their aims and steal sensitive data. These types of defense can allow companies to feel more protected and free to collect customer data with minimal concern.
Recent Cyber Attacks Featuring Ransomware
These examples are only a few instances from 2022 when a company’s security was bypassed or breached, resulting in ransomware deployment.
Cisco experienced confirmed breach, ransomware group claims to have stolen 55GB of data
On September 11th, 2022, the ransomware group Yanluowang laid claim to a cyberattack that occurred against company Cisco in May. They state to have stolen 55GB of data including classified documents, schematics, and source code. While no evidence was provided, Cisco themselves revealed the group had compromised an employee’s VPN account. Yanluowang is linked to separate ransomware groups Evil Corp and FiveHands.
Personal data may have been stolen in ransomware attack impacting Los Angeles school district
On October 2nd, 2022 Los Angeles Unified School District notified the public of a ransomware attack impacting students, their families, and employees. Vice Society Ransomware group reportedly published stolen documents after LAUSD refused to pay the ransom. Some of the stolen data files may contain sensitive information. Those impacted are watching for potential phishing attacks that may come in the wake of this event.
Ransomware group hits German oil companies
On January 29th, 2022, ransomware group BlackCat was revealed to have compromised multiple German oil companies, resulting in major disruption to the supply chain process. BlackCat is potentially a rebranded version of the same group that attacked the U.S. Colonial Pipeline in 2021.
Three ransomware gangs exploited company vulnerability
On April 2nd, 2022 three separate ransomware groups found a vulnerability within a company’s infrastructure. These three groups – LockBit, Hive and BlackCat – separately encrypted data and left individual ransoms for the decryption keys. While it remains unclear if these were coordinated attacks, this example is a warning sign for companies to clean up their cybersecurity strategies.
Celebrating National Cybersecurity Awareness Month
We are seeing more cyberattacks impacting companies and their customers every month. In fact, the White House recently released a proclamation regarding Cybersecurity Awareness Month. This statement asks that individuals and those within the private sector make efforts to update their cybersecurity hygiene. This can include strengthening passwords, reporting phishing schemes, updating software and investing in newer and innovative cybersecurity measures, and utilizing encryption to keep data secure.
These are all great ways in which individuals and organizations alike can recognize and celebrate this month among rising cybersecurity threats. By doing so, not only can you protect your personal lives and information, but organizations can begin making the changes necessary now before they become the next victim of a ransomware attack.
About the Author
Arti Raman is the founder and CEO of Titaniam. She specializes in advanced data protection techniques including high-performance encryption-in-use. Prior to Titaniam, she was a senior product management leader and head of UX and competitive intelligence for Symantec’s enterprise business.
Arti holds a number of patents. She was the youngest and the first female recipient of the Rosenthal Award for outstanding contribution to the field of investment and finance for her work with the late Dr. Ed Lazear, former US Chief Economist and Nobel laureate, Dr. Michael Spence.
Arti holds degrees in Business, Economics, and Mathematics.