MGOVMAGAZINE

20

Report: International Organizations unprepared

for more Sophisticated Ransomware

Solutions: monitoring the network; deploying patches and upgrades on time

A

cybersecurity

report

found

that

organizations are unprepared for future

strains of more sophisticated ransomware.

TheCisco2016MidyearCybersecurityReport

(MCR) warned that fragile infrastructure,

poor network hygiene, and slow detection

rates are providing ample time and air cover

for adversaries to operate. According to the

report’sfindings, the struggle toconstrain the

operational space of attackers is the biggest

challenge facing businesses and threatens

the underlying foundation required for

digital transformation.

The report added that So far in 2016,

ransomware has become themost profitable

malware type in history.

Cisco expects to see this trend continue with

even more destructive ransomware that can

spread by itself andhold entirenetworks, and

therefore companies, hostage.

Faster time to detection of threats is critical

to constrain attackers’ operational space

and minimize damage from intrusions, the

report added.

The Cisco report pointed out that for

attackers, more time to operate undetected

results in more profits. In the first half of

2016, Cisco reports, attacker profits have

skyrocketed due to expanding focus, as

attackers are broadening their focus from

client-side to server-side exploits, avoiding

detection andmaximizing potential damage

and profits.

According to the report, Adobe Flash

vulnerabilities continue to be one of the top

targets formalvertisingandexploit kits. In the

popular Nuclear exploit kit, Flash accounted

for 80 percent of successful exploit attempts.

The Cisco report advises simple steps to

protect business environments, which

included the following:

Improve network hygiene, by monitoring

the network; deploying patches and

upgrades on time; segmenting the network;

implementing defenses at the edge,

including email and web security, Next-

Generation Firewalls and Next-Generation

IPS.

Integrate defenses, by leveraging an

architectural approach to security versus

deploying niche products.

Report