Asigra forecasted five ransomware challenges expected to impact businesses in 2021, driven in part by an escalation of increasingly sophisticated ransomware attacks globally. Tasked with ensuring operational continuity, Asigra is responding to these challenges and providing guidance on maintaining productive business operations.
According to the US Government’s Cybersecurity & Infrastructure Security Agency (CISA), “The organization has observed continuing ransomware attacks across the country and around the world. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay. Malicious actors increasingly use tactics such as deleting system backups, which make restoration and recovery more difficult or infeasible for impacted organizations.”
Organizations today have a false sense of security that their backup will be there for them when a ransomware attack occurs. Sadly, a large number of these attacks now target backup data, preventing business recoveries after such attacks. With pandemic-influenced IT trends evolving and a shift in IT solutions and services underway, Asigra has identified the following challenges expected in 2021 and guidelines for operating successfully going forward:
- Ransomware Attacks on Kubernetes Containers: The deployment of Kubernetes-based containers is growing rapidly as it allows software to run consistently between computing environments, making it highly portable, productive and ideal for digital transformation. Along with these advantages comes the generation of massive data volumes, making these new environments prime targets for new ransomware variants. Mitigating these attacks will require an industry-wide approach to ensuring the viability of these environments before, during and after such attacks.
- Cyber-targeting of SaaS-Based Applications: With the increase in distributed enterprise operations and remote work environments, there will be continued adoption of SaaS-based applications. Beyond the flexible use of these applications, they offer cost, time and scalability advantages in many cases. However, they also create a new data source that is vulnerable to ransomware and must be protected.
- AI-Driven Cyberattacks: Artificial intelligence and the technologies that enable it are becoming more advanced. The resulting new capabilities are allowing criminal organizations to conduct more complex and targeted attacks. To counter these more intelligent attacks, organizational defenses must also evolve.
- Ransomware Payments to Become Illegal: The US government has expressed intentions to align the payment of cyber ransoms with the support of terrorist organizations and will likely make these payments illegal. It is expected that other nations will enact such laws as well, especially to defend against possible nation-state sponsored actors. Without the ability to retrieve criminally encrypted data or recover properly, ransomware attacks will become business ending events.
- Managed Security Service Provider Registration with the Government: The US government will move to require MSPs/MSSPs that provide cybersecurity services to register their organizations with the government, adding more regulations as the ransomware trend continues to accelerate.
One method of addressing any of the above challenges is to ensure a viable backup copy is available to restore all data to pre-attack status. This entails a strong defense of the organization’s backup infrastructure, including access to backup software controls. Recent ransomware variants are conducting immutability subversion attacks which are possible because ‘step-up’ or Deep MFA (multi-factor authentication) has not been applied to backup software. Asigra Deep MFA requires credentials for any critical function that could compromise a recovery – providing protection to secure policy settings and controls.
“Organizations need to ready themselves to properly and quickly respond to ransomware attacks regardless of what has been attacked. One way to do this is to make backup data very difficult to hack,” said David Farajun, Chief Executive Officer, Asigra, Inc. “Regardless of the imposing number of routes that ransomware will take in 2021, having a well-planned response plan to get your systems back up and running in the least amount of time will be critical to ensuring business viability.”