![Osterman Ransomware Attacks Osterman Ransomware Attacks](https://privacy.blackfog.com/wp-content/uploads/2022/10/Osterman-Ransomware-Attacks.png)
Executive Summary
This white paper could start by reviewing the college that closed permanently after a ransomware attack or the large school district that suffered an incident during a recent holiday weekend. Or it could focus on how critical infrastructure – such as water treatment plants, pipelines, and meat processing plants – are increasingly under attack. We could even comment on the increase in ransom demands.
We are not going to do any of the above—at the beginning of this white paper or anywhere else. While there are important lessons to take from each of these situations, we will leave that analysis to others.
This white paper takes a different approach. It starts by quickly establishing the current context on ransomware before moving into an analysis of where current and best practices diverge. We’ll look at eight areas where many organizations remain susceptible to ransomware attacks, outline new and emerging solutions or approaches that can be used to bolster controls and protections, and offer a report card for self-assessment by organizations. Most report cards are additive (the “better” level also requires the “baseline” controls, and the “best” level requires the controls from all three levels) while two are based on maturity (low, medium, and high).
The first four areas focus on defending against ransomware attacks, the final three focus on recovering after an attack, and the fifth area does double duty for defending and recovering. By the end of this white paper, decision-makers and influencers charged with evaluating and selecting cybersecurity solutions should have a better idea of their organization’s readiness (or not) to counteract ransomware.
KEY TAKEAWAYS
- Ransomware remains a threat—and a growing one at that
Threat actors are evolving their toolkits and playbooks to make ransomware more devastating to victims. Ransomware-as-a-Service (RaaS) and partner-in- crime models, along with greater supply chain specialization, increase the peril. - Metrics for ransomware attacks are both up and down
Some reports on ransomware show a threat with increasing frequency. Others show a downward trend. Sanctions imposed on Russia following its invasion of Ukraine appear to have neutralized the efficacy of Russian-based gangs. - Strengthen defenses against ransomware attacks
If 2022 is a “strategic pause” for ransomware attacks, organizations should increase security posture and decrease threat susceptibility for when ransomware gangs return to crime-as-usual. - Prepare to recover after a ransomware incident
While it is almost certain that every organization will face opportunistic attackers—and perhaps determined ones too—it is not certain that every organization will become a victim of a ransomware incident. But if that does happen, having a response protocol or recovery plan approved by the Board and ready to enact is invaluable. Lay a strong foundation now for recovery, if needed.
This white paper has been prepared by Osterman Research
Related Posts
BlackFog Strengthens Leadership Team with Strategic Appointments
BlackFog strengthens leadership and the next stage of growth with Brenda Robb as President, John Sarantakes as CRO, and Mark Griffith as VP of Strategic Sales.
The CrowdStrike Incident: A Global IT Meltdown
Discover how the recent CrowdStrike incident caused a global IT meltdown, affecting thousands of businesses. Learn about the event timeline, its impact, and how BlackFog's advanced practices can help prevent such risks. Stay informed and protect your business from future cybersecurity threats.
6 Essential Ransomware Prevention Steps Every Firm Must Take in 2024
What essential ransomware prevention steps must businesses take as the scale of this threat continues to rise?
Data Protection vs Data Security: The key Differences to Know
Are you aware of the difference between data protection and data security? Here's what you know to keep your data safe.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
Understanding Data Privacy and Security: How do they Relate?
Data privacy and security are critical topics for any business to focus on in today's environment. The rising costs of cyberattacks and other threats mean a clear strategy for safeguarding sensitive data is more important than ever before.