Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 27 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Evolve as fast as the cybercriminals: Protect your business now, before it’s too late

Businesses must arm themselves against the ransomware attack business model emerging within the market

by Guru Writer
October 28, 2022
in Uncategorized
Evolve as fast as the cybercriminals: Protect your business now, before it’s too late
Share on FacebookShare on Twitter

According to the 2022 Cyber Threat Report, 2021 saw a global average increase of 105% in the number of ransomware attacks. The 2022 State of the Phish report said that a staggering 82% of UK businesses that experienced a ransomware attack sent payment to the cyber criminals – believing this was the cheapest and easiest way to regain access to their data. However, in many cases criminals simply took the payment without restoring access and the organisation finds itself on criminal target lists as it has demonstrated that attacks pay off. Even when decryption keys are handed over, it can take an extended period of time to restore data.

One attack, on a hospital in Dusseldorf, Germany, was implicated in the death of a patient who had to be diverted to an alternative site as the A&E department had been forced to close due to the loss of core computer systems. It appears that the attack had been misdirected, and the hackers – who were quickly apprehended by the police – handed over the encryption keys immediately when they realised what had happened. Nevertheless, the decryption process was slow. It began in the early hours of September 11 and by September 20 the hospital was still unable to add or retrieve information, or even send emails. 30 servers had been corrupted. 

The methods and techniques required to conduct a cyber-attack have never been more accessible. Whether it is on the darknet or through open-source content, the ability to purchase material that allows a malicious user to conduct a cyber-attack is readily available. Conducting a ransomware attack and using it to extort money from companies and government services alike, is now viewed as a viable business model by organised criminals. 

Take for example the recent Grand Theft Auto Six leak, a breach that is now named one of gaming’s biggest security breaches to date. Rockstar Games remain unclear how the network intrusion occurred, but the hacker claims to have gained access by breaching Rockstar’s Slack channel, the communication platform used for internal collaboration. They then invited executives to negotiate a payment to avoid further leaks, claiming to have access to the game’s source code and hoping to sell the unpublished data back. The hacker also claimed to be responsible for the Uber data breach, which involved the attacker gaining administrative access to Uber’s entire network, even being able to control the initial response to the hack itself through total control of the Slack account.

There is also evidence of increased attacks in industry and on core business functions. Last month an attack on South Staffordshire Water was conducted by a ransomware group called Cl0p. This attack was specifically targeted during a critical time for water companies, due to the implementation of water usage restrictions as the country facing the prospect of a national drought. The hacking group breached the company’s security and boasted that it would be easy to change the chemical composition of the water, potentially making it unsafe. C10p has been known to use Cobalt Strike in their ransomware attacks, a tool that is supposed to be used ethically for vulnerability detection. Yet hackers are increasingly utilising it for the opposite effect as it allows for a more profitable ransomware attack. 

Data Protection laws require organisations to design data protection into information processing activities from the start, and to review and update the controls regularly. As cyber criminals evolve and the accessibility of previously complex tactics and methods increases, businesses must evolve and enhance their technical and organisational measures, to reduce the risk of harm to their operational activities and the people who rely on them. To ensure your cyber defences remain effective in a fast-paced threat landscape, you need to be basing them on actionable intelligence in the context of your organisation’s operating environment.  Understanding the risks to your commercial interests and to the individuals in your community, in the context of the types of attacks happening now, allows you to focus your resources on the most important controls.

Gemserv’s integrated Cyber and Digital team includes technical specialists in cyber security, real-time threat intelligence and data protection who work together to help our clients protect their organisations and communities effectively and efficiently. We believe in ‘making the things that matter work better for everyone’. If your organisation does things that matter, find out how our approach to your defence can help you stay safe and grow.

Camilla Winlo, Head of Data Privacy and Ian Rutland, Head of Cyber Security at Gemserv

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Salt Security Strengthens Executive Leadership Team as Demand for API Security Accelerates

Next Post

Huge Turnout Sets Exciting Precedent for International Cyber Expo 2023

Recent News

Synopsys discover new vulnerability in Pluck Content Management System

Synopsys discover new vulnerability in Pluck Content Management System

March 24, 2023
Dole Food Company

Dole confirms employee data was breached following February ransomware attack

March 24, 2023
call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information