Johannesburg, 08 Feb 2023
The recent headlines on ransomware have been extraordinary – from Colonial Pipeline to Honeywell to the recent attack on Kaseya. The economic impacts of these emerging threats are now impacting business in the order of billions of dollars. We want to deep dive into these ever more sophisticated attacks with some specific and more technical recommendations on how to best position your organisation to respond to malware attacks.
Our economy’s fundamental dependence on the “network” and the ongoing digital transformation has driven the enormous efficiencies and effectiveness over the past three decades. However, our speed to embrace the digital transformation to gain these advantages was often done with little regard for warnings from our security and risk management teams and have generated many vulnerabilities. Greater security integration is often overlooked to maintain a competitive advantage in the face of the constant wave of new start-ups and disruptive “never-seen-before” new business processes – think Uber or AirBnB. This race to maintain competitive advantages often creates vulnerabilities that ransomware and malware attacks target. Our new digital ecosystem demands a fundamentally new approach in terms of cyber security that synchronises protecting the underlying information management systems and data that is now the lifeblood of our new economy.
The goals of a malware attack can be notably different for Federal agencies than for commercial companies. The attack on Federal agencies more often aims at embedding malware to extract data over an extended period of time. The best example of such an attack was the Office of Personnel Management (OPM) event, where large amounts of data on the Federal and DOD workforce were extracted to gain an intelligence advantage. However, while the objective goals may be different, the methods of the attacks are similar – the ransomware attacks are a subset of the malware attacks in general. What is important to remember is that both are attacking data stores.
These attacks continue to take advantage of security gaps in core IT operations, and a cyber risk profile drives the need for a comprehensive approach to intelligent data management differently from just a disaster recovery strategy. Using a cyber risk profile helps identify key vulnerabilities, but it also helps prioritise and focus on the key operational systems that require the greatest protection and also the highest priority for restoral.
Please download the white paper below.
Share