Exposure Extortion
Ransomware’s relative, exposure extortion, was a prevalent strategy in 2021, along with ransomware itself. As a result, some criminals are abandoning ransomware (which requires a great deal of effort) in favor of extortion through exposure. Criminals steal data, sometimes selling it to rivals, pressing victims to pay by alerting their customers and partners that their data will be revealed if the business does not pay, and then revealing the data on a data leak site or selling it on a Dark Web marketplace.
Third-party extortion services and data leak sites make it simpler for criminals to undertake extortion assaults. Since exposure extortion does not need the development or purchase of software, it has cheaper startup costs than ransomware. Data theft is as simple as hacking into a company. Afterward, a third-party extortion service might handle the extortion infrastructure and procedures. Ransomware gangs like Conti give playbooks containing methods to assist the criminals to elude detection, stay in the environment longer, select the greatest sorts of data to steal, and learn how to exploit conventional IT systems to spread their reach further, quicker, and more effectively. This allows crooks to get access to more sensitive information, which increases the reward for both parties.
Reduce your chance of being extorted by learning how to protect yourself. Our top cybersecurity threats blog has a section on widespread vulnerabilities/zero-day exploits, and similar suggestions apply here as well! Additional things to include:
Put in place effective DLP policies and procedures. For a low price, you may acquire DLP software with cloud and on-premises support, real-time analysis, and the ability to cover the whole lifespan of the data.
Reduce the amount of data you keep. It’s dangerous to handle data. A data breach might jeopardize your company’s brand and legal compliance. In order to know what data you have, where it’s being held, how long it will be retained, and who has access to it, do an inventory of your assets and data. Then, determine what data you need and get rid of the rest. Risks may be reduced by reducing your data.
Attacks on the Technology Supply Chain
In order to swiftly infiltrate hundreds or even thousands of businesses, attackers make use of technology providers. Customers are already sueing Kronos for the service interruption and rippling consequences of the Kronos labor management platform hack and the Netgain healthcare service provider hack. Occasionally, hackers attack a service provider and spread their malicious code to other networks or widely circulated products. Other times, they break into a cloud service and steal client information stored there. Regardless of the exact model, cyberattacks on the technology supply chain were significant in 2021 and will continue to be so in 2022.
With the FTC’s recent warning that firms MUST take reasonable efforts to safeguard consumer data from Log4j and other known vulnerabilities, the repercussions of supplier exploits have now grown. The FTC is now threatening legal action. If your company relies on several software programs, online applications, and cloud platforms—and even if it directly connects to your business partners’ systems—then your technology providers are critical to your security. Cybersecurity dangers of 2021 and 2022 are rising, so here are some ways to keep yourself safe.
Check out technology providers, such as service providers, cloud vendors, software developers, and other players. When securing your surroundings, you need to know where you stand.
Restrict access. You may reduce your work and supply chain cybersecurity risks by restricting suppliers’ access to your IT resources and sensitive data. Suppliers often have more access than they need, which increases the danger they bring to your company. Ensure that suppliers have just the access they need to complete their work by annually assessing their access.
Your own company and your suppliers should be held to clearly defined standards. An ideal starting point for defining baseline standards are frameworks like ISO27001 or the NIST Cybersecurity Framework. There are further program recommendations available in this supply chain security checklist.
Delegating cybersecurity standards to suppliers ensures that both parties understand and agree on the terms. Consider documenting and setting a timeframe for requests for improvements when required. Contractually mandate all of your suppliers and partners to notify you immediately if they become aware of any security breach or significant exploit.
You should frequently check up on your suppliers throughout the selection process for new ones. Inquire about your suppliers’ security or potential suppliers, and make sure they satisfy your criteria.
Your vendors should be regularly screening their supply chains. NIST’s Cybersecurity Framework includes a section on supply chain risk management (ID.SC), which providers may utilize as a basis for their vetting processes.
When preparing for a disaster, be sure to include essential suppliers. Set up collaborative action plans for any exploits or incidents with your major suppliers and get to know their cybersecurity practices inside and out. If there is an event, the structure provided by this method may help speed up the reaction time.
Obtain vendor support for standard software vulnerability management practices, such as crucial software fixes. ” A solid patch and update management policy may help you restrict your vulnerability to supply chain cybersecurity gaps that criminals are targeting. Supply chain software breaches may be reduced by quickly installing security upgrades.
Conclusion
The dangerous environment in cyberspace is evolving. The threat environment is constantly evolving, and you need to keep up with it to be prepared. You may stay ahead of the cybercriminals by using effective risk management measures!