Manufacturing companies were the biggest targets of ransomware attacks in the first half of 2021, according to a new report from a Canadian-based international managed services provider.
39 per cent of the victims listed on data-leak websites of ransomware groups were manufactured goods category.
--> Restrict a software’s ability to run from Windows %appdata% and temp folders.
-->Restrict the web browsing and email use by privileged users such as administrators, who are the main targets of attackers. Have separate accounts for administration and day-to-day computing.
--> Understand what their critical data assets are and how to protect them.
--> Ensure backups are and can’t be encrypted by an attacker.
--> Have a good business continuity plan that can be implemented quickly.
1. Threat Detection and Response
Monitor popular software and SaaS apps on your customers’ endpoints—such as Microsoft 365 — you can detect abnormal behavior, stop it and investigate whether something malicious is happening. Endpoint monitoring and threat detection are the frontline in preventing attacks because any device, phone, laptop, computer, can be an entry point for malware.
Threat detection and response services can include:
2. Risk Assessments
A risk assessment can be a starting point for a discussion around compliance with key security and privacy regulations. A thorough risk assessment includes network vulnerabilities, data compliance issues and even internal threats.
Conduct risk assessments that cover areas such as:
3. Security Operations Center (SOC) as a Service
SOC-as-a-Service can be offered via trusted partners and vendors rather than building an in-house SOC service which can cost millions.
4. Threat Intelligence
Organizations can receive information about emerging threats from an Information Sharing and Analysis Center (ISAC) or other threat intelligence provider. With advance notice of an attack, organizations can scan for vulnerabilities, patch vulnerabilities and get ahead of the hackers.
5. Backup and Disaster Recovery
Without backups and recovery tools, the organization loses revenue and their reputation is at risk.
Having a backup can be the difference between desperately paying a ransom to hackers or simply ignoring them. Plus, even if an organization does pay the demand, there’s no guarantee that the hackers will actually release the data, so having a backup also ensures that an organization can recover data.