Ransomware and other Attacks

Attackers may already be in your environment and constantly find new ways to avoid detection. Attacks involving Phishing, Ransomware, Misconfiguration, Stolen credentials, and Mis-delivery continued to increase in 2020 according to Verizon DBIR and 10% of all breaches involved ransomware. The U.S. Secret Service noted that most organizations had adequate data backup, but cyber actors shifted their focus to the exfiltration of sensitive data and threatening to publicize the data unless additional ransom was paid. In early 2021 ransomware hit for example hit COLONIAL PIPELINE, QUANTA, NATIONAL BASKETBALL ASSOCIATION (NBA), BRENNTAG, ACER, JBS FOODS, AXA, and other victims according to Illinois.touro.edu. A ransom of between $7.5 million and $50 million US Dollars was demanded in several of these attacks and the hacker group disrupted gas supplies all along the East Coast of the United States, gained access to more than 3 TB of data including Apple product blueprints and other confidential data. We will discuss how to use the “NIST CYBERSECURITY FRAMEWORK FOR RANSOMWARE” to Prevent Attacks and Recover after Attacks. 80% of all attacks in 2020 involved servers and 53% target WEB servers according to Verizon DBIR. We will discuss the Top 10 Web Application Security Risks according to OWASP and the Top Ten Proactive Controls that describes the most important control and control categories that every architect and developer should include in every project. Make sure that your data is private and protected in transit, in use, in memory, and at rest. Sensitive data can be secured and protected by a robust data backup plan so systems can quickly be restored. A multi-layered defense can help to create a good security posture and how to discover unusual activity on your sensitive data.