Is there anything you can do to reduce the threat of a ransomware attack? And what should you do if you become the victim of one? These were some of the questions answered by a group of cybersecurity experts who spoke about ransomware during a Reddit AMA. The discussion was organised by the California-based Institute of Security and Technology (IST), a non-profit organisation, and included Jen Ellis and Bob Rudis of the cybersecurity firm Rapid7, Marc Rogers of the IT services firm Okta, James Shank of the computer security company Team Cymru, and Allan Liska of the cybersecurity firm Recorded Future.
Over the last year, IT firm Kaseya during the first week of July being the last major one. This single attack affected up to 1,500 businesses worldwide.
Prior to the attack on Kaseya, a Russia-based group's ransomware attack prompted the US Department of Justice to elevate investigations of ransomware attacks to a similar priority as terrorism.
As the ransomware threats keep mounting, IST, a non-profit organisation, recently hosted an Ask Me Anything (AMA) session on Reddit where users could raise any questions related to ransomware and cybercrime, and what people can do to make themselves or their organisations a little safer.
What can you do to protect yourself or your business?
One of the things that we need to understand first is how ransomware infects a computer. “It really depends on the type of ransomware,” explained Rogers, of Okta. “In most cases it is a malicious application that takes control of your system before spreading laterally into any and all connected systems. Sometimes it can be an actual person that takes over your and uses it to pivot into other systems to take them over also. Ultimately it ends with the same couple of things - your data gets stolen and an application, a locker, encrypts what's left behind and makes the demand for payment.”
“Most ransomware attackers don't need advanced tooling to accomplish their goals. The Pipeline was ransomed because of plain credential use on a VPN. Not exactly rocket science,” Rudis, of Rapid7, added.
Actually protecting yourself or your company can be challenging, both because of high-tech ways to beat security and because of the very strong chance that, as humans, we all make mistakes, as Rudis pointed out. Liska, of Recorded Future, suggested employing multi-factor authentication, patching, endpoint protection and monitoring, scanning of remote infrastructure, and threat hunting for attackers. Rudis pointed out that there are many safe configurations for workstations and servers that organisations either do not know about or have been reluctant to deploy.
“Just shoring up configurations on Active Directory and SMB (Server Message Block) servers alone can do wonders to help thwart attackers from being able to move laterally and encrypt or lock-out at scale,” he said.
Liska also added that there isn't a single software solution that will solve the problem of ransomware or other types of attacks. “Tackling such threats requires a holistic approach to security. Not just software, but the right policies, people, and protocols in place to quickly identify and stop threats (are needed),” he said. Rudis added to the opinion saying, “There is no path to purchasing your way into ransomware defense.”
What should a regular person do?
But while many of these suggestions seem geared towards large organisations, individuals are also often targeted. In fact, a recent report by Daniel Benes, malware researcher at Avast, showed that gamers are increasingly being targeted by ransomware attackers. What should people do in this situation?
Shank suggested three basic things anyone could do to ensure greater safety for themselves, and also for the companies they're working for:
1. Use strong passwords that are unique to each site/service that you visit.
2. Keep good backups, and consider using more than one backup device where both devices are never plugged in at the same time.
3. Be vigilant! If something strikes you as odd, alert your corporate security team. Did you click a link and think it might be bad? Report it. Most ransomware actors take time to inventory networks after the initial compromise, so there may be time to still protect your network and your device. Time is of the essence here though.
Can we put an end to the ransomware attacks?
The AMA also discussed the likelihood of a state or a rogue group taking down a critical infrastructure for a long period, thus severely disrupting life. Ellis, of Rapid7, said that such a scenario doesn't feel far-fetched at all. “We've already seen infrastructure be a target in several countries, and this is only likely to increase without intervention. Even when the attacker offers up the keys as they did with the attack on the Irish healthcare authority (HSE), it can take a long time to get operations fully back up and running. HSE is saying they think full recovery will cost them $600 million (roughly Rs. 4,480 crores),” Ellis said.
The cybersecurity experts are also a part of the Ransomware Task Force Report by IST on combating ransomware. The report gives a comprehensive framework for actions that can be taken to fight ransomware and makes recommendations of steps that can be enforced by governments, institutions, and organisations.
The major recommendations include suggestions that governments establish Cyber Response and Recovery Funds to support ransomware response and other cybersecurity activities, mandate that organisations report ransom payments, and increase regulation of the cryptocurrency sector. Coordinated international diplomatic and law enforcement efforts are also encouraged to proactively prioritise ransomware through a comprehensive, resourced strategy.