Ransomware attacks today look a lot different than in the recent past. They have expanded in magnitude, frequency, and severity. Past attacks were much smaller in scope and significantly less complex. Any security professional that is attempting to secure their organization based on the profile of past attacks will eventually encounter devastating results.
Ransomware has grown so sophisticated that Europol, the European Union’s law enforcement agency, last year called it “the most widespread and financially damaging form of cyber-attack.”
Let’s take a look at why ransomware attacks are escalating, what organizations and municipalities can learn from previous schemes, and how a comprehensive security strategy can reduce the exposure.
A 2020 study by global security firm Kaspersky surveyed employees' perception of ransomware and cited some of the possible reasons why attacks are still on the rise. The findings underscore the harsh reality that despite investments in comprehensive cyber protections and employee-based awareness campaigns, a significant percentage of workers remain unprepared to respond to intrusions.
As a result, there’s increased pressure on IT and security staff to deploy additional measures to mitigate risks to a company’s infrastructure and financials. Not doing enough to prevent a breach could contribute to an employee’s dismissal—most likely those responsible for thwarting malicious acts.
According to the survey, 45 percent of respondents said they would not know how to respond to a ransomware attack; 37 percent were unable to define the term ransom; 40 percent of those who experienced a ransomware attack said they do not know the necessary steps to take in response to another attack; and 68 percent felt that a company's IT security teams are responsible for taking care of a cyberattack.
What’s more, warnings from security experts and government agencies often go unheeded, and even the most basic safeguards are being ignored. A troubling analysis produced by the Swiss government found common flaws among businesses recently subject to ransomware attacks, noting that: “IT security of the companies affected was often incomplete and the usual best practices were not fully observed.”
Clearly there are challenges organizations face. Contributing to the rise in ransomware plots are the myriad factors that hackers exploit. Among these:
Security experts are always managing risks as the threat landscape evolves. Identity and access management (IAM) plays a key role in a company’s security and productivity posture.
Employing comprehensive IAM is top of mind for any security professional. It helps CISOs and their teams manage user access, and enables the IT staff to work more efficiently. IAM also ensures compliance regulations are met, such as monitoring user activity, maintaining audit logs, and protecting customers and their private information.
As more companies grant staff the freedom to work remotely due to COVID-19, employees may be unwittingly exposing themselves—and their employer—to cyberattacks. As people increasingly use personal devices, one tiny error, such as clicking on the wrong email, provides hackers all they need to access your network. Of course, it doesn’t necessarily matter where a person is logging in to their company’s network, because hackers can take advantage of the aforementioned vulnerabilities and wreak havoc, regardless.
Too often, organizations are overly reliant on passwords and multi-factor authentication to defeat breaches. The inherent problem is there are ways to obtain cracked passwords—via brute-force attacks, credential stuffing, or phishing schemes, etc. With file-level encryption that is disconnected from IAM, even if someone is able to break into a network, individual files would largely be inaccessible.
At the same time that cyber threats have grown more elaborate and costly, hackers have become more unpredictable. They aren’t only directly targeting organizations and municipalities, but also third parties holding their sensitive data.
As destructive and unsettling as these schemes are, they do provide security experts with insights into different types of threats and the mechanisms facilitating them, and consequently, how to successfully safeguard against associated vulnerabilities.
Our file encryption software uses AES-256 and a distributed encryption key management scheme to replace passwords. This alone can significantly minimize the risk of exposure from hackers.
Atakama goes beyond traditional encryption solutions. Where other encryption bulk decrypts the instant a user (or adversary) is authenticated, Atakama’s approach is to separate file encryption from user authentication. Without reliance on traditional authentication mechanisms (i.e., usernames and passwords) files always remain encrypted when at rest, even to an adversary who is able to gain access to the network. The only thing the adversary would be able to exfiltrate are encrypted files, but because those files are Atakama encrypted they are rendered useless in the attack. By doing so, Atakama nullifies any attempt to ransom or otherwise extort company files.
Beyond the state-of-the-art encryption, our features are easy-to-use, compatible with a multitude of systems and devices, and enable users to protect files whether stored in the cloud or on a network, and all without compromising existing user workflows.