Asigra Inc. recently highlighted five ransomware risks expected to impact organizations in 2021, partly driven by an increase of sophisticated ransomware attacks around the globe. With coronavirus-influenced IT trends evolving and a shift in IT solutions and services underway, Asigra identified the five imminent challenges projected for 2021, as well as guidelines for operating successfully in the future.
According to the US Government’s Cybersecurity & Infrastructure Security Agency (CISA), “the organization has observed continuing ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay. Malicious actors increasingly use tactics such as deleting system backups, which make restoration and recovery more difficult or infeasible for impacted organizations.”
The ransomware risks expected to impact 2021 are the following:
- Ransomware Attacks on Kubernetes Containers: Kubernetes-based containers are being deployed at an increasing rate as they allow software to run consistently between computing environments, making it highly portable and ideal for digital transformation. However, these environments are also prime targets for new ransomware variants. Mitigating these risks requires an industry-wide approach to ensuring the viability of these environments throughout ransomware attacks.
- Cyber-targeting of SaaS-Based Applications: As the amount of distributed enterprise operations and remote work environments increase, there will be continued adoption of SaaS-based applications. These applications often offer flexibility, time, and scalability advantages. However, they also create a new data source that is vulnerable to ransomware attacks.
- AI-Driven Cyberattacks: Advanced artificial intelligence capabilities are enabling cyber-criminals to execute more complex and targeted attacks. To defend against these advanced threats, organizations must improve their defense strategies.
- Ransomware Payments are Becoming Illegal: The US government has expressed its intent to align the payment of cyber ransoms with the support of terrorist organizations and will most likely make these payments illegal. It is also expected that other countries will enact similar laws, especially to defend against potential nation-state sponsored actors. Without the possibility of retrieving criminally encrypted data or recovering properly, ransomware attacks will potentially destroy businesses.
- Managed Security Service Provider Registration with the Government: The US government will move to require MSPs/MSSPs that offer cybersecurity services to register their businesses with the government, adding more regulations as the ransomware trend continues.
One way to address any of the above challenges is to ensure a backup is available to restore all data to pre-attack status. This involves a strong defense of the enterprise’s backup infrastructure, including access to backup software controls.
In a media statement, David Farajun, Chief Executive Officer of Asigra, said, “organizations need to ready themselves to properly and quickly respond to ransomware attacks regardless of what has been attacked. One way to do this is to make backup data very difficult to hack. Regardless of the imposing number of routes that ransomware will take in 2021, having a well-planned response plan to get your systems back up and running in the least amount of time will be critical to ensuring business viability.”
To learn more about Asigra, click here.