Policy Insights: CISA’s “2021 Trends Show an Increased Globalized Threat of Ransomware”

The US Cybersecurity and Infrastructure Security Agency (CISA) shared a joint cybersecurity advisory on how 2021 Trends Show an Increased Globalized Threat of Ransomware.

Policy Insights:

Dan Schiappa, Chief Product Officer at Arctic Wolf:

“Despite the incessant headlines and mainstream attention over the last year, the ransomware epidemic is far from over. CISA’s joint cybersecurity advisory highlights the urgent actions organizations must take to protect themselves from high-impact ransomware incidents, specifically targeting critical infrastructure organizations across the world. As IT (Information Technology) and OT (Operations Technology) systems continue to converge, having adequate protection in place will alleviate expensive remediation efforts, lost profits and costly downtime.

Organizations within the critical infrastructure sector, such as those in the oil and gas industry, have a lot at stake – especially if a ransomware attack affects operations. We saw this firsthand with the Colonial Pipeline attack of 2021. In fact, the FBI, CISA, and NSA disclosed cybercriminals were leveraging ransomware tactics and targeting 14 of the 16 U.S. critical infrastructure sectors including government facilities, thus causing the potential for additional nation-state attacks. In this type of environment, no one is safe – and many organizations face shared challenges when attempting to manage their own internal security operations centers (SOCs).

With ransomware’s success targeting organizations of all sizes and across various industries, this business model has evolved into an incredibly sophisticated and organized operation. If hackers are working together, we must too. To mitigate potential threats, organizations need to work with a partner that provides capabilities that amplifies their existing resources.

It’s easy to focus on the sophisticated response to this, but It’s an understatement to say that security basics should not be overlooked. Organizations need to implement a user training program to help employees build resilience against potential threats – such as phishing attacks, social engineering, and credential theft. In fact, 60% of executives believe their individual employees lack the ability to identify a cyberattack; coupled with 2020’s 64% increase in phishing and ransomware attacks, there’s no doubt that businesses must put security at the forefront of culture. Given this, organizations need to be held accountable for prepping their employees – regardless of whether they are an intern or in the C-Suite – on identifying a well-orchestrated phishing or ransomware attack when it occurs. Leveraging third-party resources can help encourage employees to engage in training and provide them with content that focuses on real-world threat tactics. A well-developed training program can empower employees to effectively identify and mitigate threats in the early stages while strengthening their security posture congruently.