View profile

Most destructive? Ransomware.

Code Story
Most destructive? Ransomware.
By Code Story • Issue #84 • View online
This newsletter is sponsored by our friends at Anomali. Download their Cybersecurity Insights Report for 2022.
In recent years, no cyberattack payload has been more destructive to business and government organizations than ransomware. And to be clear, this is not new… the earliest variants of ransomware were developed in the late 1980s. This type of malware made a resurgence in 2019 with high profile attacks made on state and local government.

The Impact of these Attacks
The global impact of these attacks was quantified in Anomali’s recently published Cybersecurity Insights Report 2022 that included a Harris Poll survey of security professionals with analysis by the Anomali Threat Research team. In this report, the company found that:
  • 52% of organizations were hit by ransomware attacks in the last three years
  • 39% of victims paid a ransom to regain control of their data and systems.
Solving for ransomware requires a continuous global approach to detection that is rooted in intelligence. Let’s take one of the most notorious spates of ransomware attacks that leveraged three types of malware, Emotet, TrickBot and Ryuk to expertly extort over $61 million dollars from businesses in 2020 according to the US Federal Bureau of Investigations.
To remind readers, Emotet infiltrates an organization, spreading from the primary infected endpoint to other endpoint victims spreading TrickBot which establishes a command-and-control (C2) connection allowing the attacker to assess the victim and then spread Ryuk payload which delivers the ransomware.
Anomali delivers a cloud-native extended detection and response (XDR) solution  via The Anomali Platform,  that drives detection, prioritization, and analysis, taking security from intelligence to detection in seconds. Companies use Anomali to enhance threat visibility, automate threat processing and detection, and accelerate threat investigation, response, and remediation ultimately helping organizations to detect and respond to ransomware at all stages of the attack. 
So, what is a CISO to do?
Have Global Situational Awareness
Stop Initial Access
Stop the Attack
Stop the Communication
Stop the Payload
Did you enjoy this issue?
Code Story

Code Story is a podcast, interviewing tech leaders about the roads they travelled creating world changing products. Monthly, we look back at the episodes highlights, happenings for the show and opportunities for support. Stay tuned, and sign up today.

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue