The recent ransomware attack on Colonial Pipeline is reportedly one of the most significant cyberattacks on the energy sector till date, and it has overwhelmed cybersecurity experts across the globe.
On June 2nd, 2021, the White House released a memo from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology. The subject? “What We Urge You To Do To Protect Against The Threat of Ransomware.” It outlines several recommendations on how to protect your organization from ransomware. The memo was a follow-up to President Biden’s May 12th Executive Order on Improving the Nation’s Cybersecurity Order (EO14028).
The ransomware campaign against the Colonial Pipeline highlights the dangers and real-life consequences of cyberattacks. If you want to understand how to use Splunk to find activity related to the DarkSide Ransomware, we highly recommend you first read “The DarkSide of the Ransomware Pipeline” from Splunk’s Security Strategist team. In short, according to the FBI, the actors behind this campaign are part of the “DarkSide” group.
If you have been following the news or trying to buy gas in Atlanta, you probably have already heard about the ransomware attack on one of the most important strategic pipelines in the US. 2020 saw ransomware attacks skyrocket and now 2021 seems to be following the trend. The current situation begs us to rethink how we think about our security practices and mindset. One area of security that you may have heard about is Zero Trust (ZT).
Organizations today are challenged by an increased exposure to cyber threats. Attackers often target emerging technologies since the new technology is often ill-equipped to handle an attack. Moreover, the internet has become filled with malicious links, Trojans, and viruses.
Every career has defining moments. Most are spread out over years or even decades, but the cybersecurity world has had two career-defining moments just in the past year. It started with the global shutdown due to the COVID-19 pandemic. Overnight, many organizations were forced to support employees working remotely. CISOs, like me, were expected to keep both our company and its employees safe in a completely unpredictable world.
Clop Ransomware has been active since 2019 and has been mostly associated with financially-driven criminal groups. However, lately this ransomware payload has been observed in campaigns against universities and other institutions in the education vertical.
Just as our physical world has suffered from a devastating health pandemic, over the last 3 years the digital world has been suffering a ransomware pandemic that grew 7 times in 2020 compared to the same time in 2019. While we have vaccines for our health crisis what are our options to help protect us against this digital threat?
Phishing and ransomware. Ransomware and phishing. The two are inextricably connected and are now often chained together as the most potent exploit tools in a cybercriminal’s arsenal.
A ransomware attack is a bug that we can’t shake off. Or perhaps, it can even be called a shape-shifter that somehow finds a way into networks, no matter how many armed sentries you’ve deployed in and around your perimeter. The line between ransomware and a data breach is slowly fading. Threat actors prefer ransomware over other modes of attack because they work.
