easy-accordion-free domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114zoho-flow domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114We\u2019d all like ransomware to be defeated so we can go about our business. That day is not coming in the near future. Instead, and according to the 2023 Verizon DBIR report, r\u2026 Read more on Cisco Blogs<\/a><\/p>\n \u200b<\/p>\n We\u2019d all like ransomware to be defeated so we can go about our business. That day is not coming in the near future. Instead, and according to the 2023 Verizon DBIR report, ransomware \u201c\u2026continues its reign as one of the top Action types present in breaches, and while it did not actually grow, it did hold statistically steady at 24%.\u201d<\/p>\n And the fundamental reason for its longevity of course is financial. As the DBIR pointed out in nearly all breach types, \u201c\u2026the primary motivation for attacks continues to be overwhelmingly financially driven, at 95% of breaches.\u201d<\/p>\n Ransomware is taking on new forms. \u00a0Up until the past year or so, bad actors would typically take steps to infiltrate businesses, then find a way to access as much critical data as they could and encrypt it, then essentially hold this data until the ransom is paid. Ransomware attacks are certainly a frustrating process for businesses, and a rather involved one for bad actors. For attackers, the basic ransom process involves a somewhat diminished payoff, as this multi-player scheme involves profit sharing from other bad actors in the attack chain structure.<\/p>\n When it comes to digital crime these days, never underestimate the greed factor and the ongoing search for a path of least resistance. A trend that has been building recently centers on the thought \u2013 \u201cWhy bother with encryption at all, why not just analyze the data, find what is valuable, and threaten to expose the most crucial and reputation-damaging information?\u201d<\/p>\n For bad actors, this eliminates one of the steps in the attack-chain, but also reduces the need to share the profits with the encryption players (e.g., commoditized source code libraries). \u00a0This type of attack is often referred to as \u201cextortionware\u201d or \u201ccyber extortion,\u201d among other terms.<\/p>\n For bad actors who take the time and effort to analyze the data, there can be additional financial rewards. This new focus is centered on identifying partners and clients of the targeted business and utilizing this group as leverage to convince the targeted business to pay the extortion money \u2013 to avoid the inevitable exposure and consequences of the breach.<\/p>\n We\u2019ve seen in the past that if there are enough repeat types of tactics and techniques frequently occurring, some in the security industry will categorize them, the same situation here. You will likely find variations of methods used in ransomware extortion \u2013 but the following is a very quick summary of at least four known techniques that bad actors have been using, not necessarily in this order:<\/p>\n Single extortion attack \u2013 typical encryption techniques The good news is that most businesses are doing most of what\u2019s required to successfully defend themselves against these types of attacks. But as everyone is aware, these attacks keep occurring, and will continue as long as a financial profit is realizable.<\/p>\n Fundamentally the most successful businesses employ, but are not limited to, three key areas of defense:<\/p>\n SOC Expertise<\/strong> \u2013 human expertise, either in-house or managed, has the final say. Recently Cisco announced Cisco XDR<\/a>, a product that helps to simplify your security operations and to remediate the highest priority incidents with greater speed, efficiency, and confidence.<\/p>\n The name of the game is to be security resilient and to minimize the possibility of attacks such as extortionware. Please check out the Cisco XDR info and demos here<\/a>.<\/p>\n We\u2019d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!<\/em><\/p>\n Cisco Security Social Channels<\/strong><\/p>\n Instagram<\/a><\/strong>Facebook<\/a><\/strong>Twitter<\/a><\/strong>LinkedIn<\/a><\/strong><\/p>\n \u00a0\u00a0Ransomware is evolving. Bad actors are using various methods to increase profits by analyzing and leveraging the victims data and not bothering to encrypt.\u00a0\u00a0Read More<\/a>\u00a0Cisco Blogs\u00a0<\/p>","protected":false},"excerpt":{"rendered":" <\/p>\n We\u2019d all like ransomware to be defeated so we can go about our business. That day is not coming in the near future. Instead, and according to the 2023 Verizon DBIR report, r\u2026 Read more on Cisco Blogs<\/a><\/p>\n \u200b<\/p>\n We\u2019d all like ransomware to be defeated so we can go about our business. That day is not coming in the near future. Instead, and according to the 2023 Verizon DBIR report, ransomware \u201c\u2026continues its reign as one of the top Action types present in breaches, and while it did not actually grow, it did hold statistically steady at 24%.\u201d<\/p>\n And the fundamental reason for its longevity of course is financial. As the DBIR pointed out in nearly all breach types, \u201c\u2026the primary motivation for attacks continues to be overwhelmingly financially driven, at 95% of breaches.\u201d<\/p>\n Ransomware is taking on new forms. \u00a0Up until the past year or so, bad actors would typically take steps to infiltrate businesses, then find a way to access as much critical data as they could and encrypt it, then essentially hold this data until the ransom is paid. Ransomware attacks are certainly a frustrating process for businesses, and a rather involved one for bad actors. For attackers, the basic ransom process involves a somewhat diminished payoff, as this multi-player scheme involves profit sharing from other bad actors in the attack chain structure.<\/p>\n When it comes to digital crime these days, never underestimate the greed factor and the ongoing search for a path of least resistance. A trend that has been building recently centers on the thought \u2013 \u201cWhy bother with encryption at all, why not just analyze the data, find what is valuable, and threaten to expose the most crucial and reputation-damaging information?\u201d<\/p>\n For bad actors, this eliminates one of the steps in the attack-chain, but also reduces the need to share the profits with the encryption players (e.g., commoditized source code libraries). \u00a0This type of attack is often referred to as \u201cextortionware\u201d or \u201ccyber extortion,\u201d among other terms.<\/p>\n For bad actors who take the time and effort to analyze the data, there can be additional financial rewards. This new focus is centered on identifying partners and clients of the targeted business and utilizing this group as leverage to convince the targeted business to pay the extortion money \u2013 to avoid the inevitable exposure and consequences of the breach.<\/p>\n We\u2019ve seen in the past that if there are enough repeat types of tactics and techniques frequently occurring, some in the security industry will categorize them, the same situation here. You will likely find variations of methods used in ransomware extortion \u2013 but the following is a very quick summary of at least four known techniques that bad actors have been using, not necessarily in this order:<\/p>\n Single extortion attack \u2013 typical encryption techniques The good news is that most businesses are doing most of what\u2019s required to successfully defend themselves against these types of attacks. But as everyone is aware, these attacks keep occurring, and will continue as long as a financial profit is realizable.<\/p>\n Fundamentally the most successful businesses employ, but are not limited to, three key areas of defense:<\/p>\n SOC Expertise<\/strong> \u2013 human expertise, either in-house or managed, has the final say. Recently Cisco announced Cisco XDR<\/a>, a product that helps to simplify your security operations and to remediate the highest priority incidents with greater speed, efficiency, and confidence.<\/p>\n The name of the game is to be security resilient and to minimize the possibility of attacks such as extortionware. Please check out the Cisco XDR info and demos here<\/a>.<\/p>\n We\u2019d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!<\/em><\/p>\n Cisco Security Social Channels<\/strong><\/p>\n Instagram<\/a><\/strong>Facebook<\/a><\/strong>Twitter<\/a><\/strong>LinkedIn<\/a><\/strong><\/p>\nRansomware on the rise <\/strong><\/h2>\n
But that\u2019s not the whole story<\/strong><\/h2>\n
Encryption to some bad actors is passe\u2019<\/strong><\/h2>\n
And what about that Data?<\/strong><\/h2>\n
How far has this extortionware gone?<\/strong><\/h2>\n
\nDouble extortion attack \u2013 exfiltrate data first, then encrypt, threaten to expose data
\nTriple extortion attack \u2013 as in the above but leveraging the victim\u2019s customers and partners
\nQuadruple extortion attack \u2013 adding insult to injury above, threatening to attack the victim\u2019s web servers with a DDoS attack.<\/p>\nWhat is a business to do?<\/strong><\/h2>\n
\nAdvanced Security Tools<\/strong> \u2013 utilizing XDR, AI, Automation, and other key capabilities to reduce detection and remediation times and to minimize human error, as well as triage, investigations, and incident response.
\nBest Practices<\/strong> \u2013 to answer simple questions such as (1) does your security staff have specific roles when a breach occurs, (2) besides having a plan, has it been tested? and (3) is IT, SecOps, and other stakeholders bought into the plan?<\/p>\nExample of an Advanced Security Tools<\/strong><\/h2>\n
Ransomware on the rise<\/span> <\/strong><\/h2>\n
Ransomware on the rise <\/strong><\/h2>\n
But that\u2019s not the whole story<\/strong><\/h2>\n
Encryption to some bad actors is passe\u2019<\/strong><\/h2>\n
And what about that Data?<\/strong><\/h2>\n
How far has this extortionware gone?<\/strong><\/h2>\n
\nDouble extortion attack \u2013 exfiltrate data first, then encrypt, threaten to expose data
\nTriple extortion attack \u2013 as in the above but leveraging the victim\u2019s customers and partners
\nQuadruple extortion attack \u2013 adding insult to injury above, threatening to attack the victim\u2019s web servers with a DDoS attack.<\/p>\nWhat is a business to do?<\/strong><\/h2>\n
\nAdvanced Security Tools<\/strong> \u2013 utilizing XDR, AI, Automation, and other key capabilities to reduce detection and remediation times and to minimize human error, as well as triage, investigations, and incident response.
\nBest Practices<\/strong> \u2013 to answer simple questions such as (1) does your security staff have specific roles when a breach occurs, (2) besides having a plan, has it been tested? and (3) is IT, SecOps, and other stakeholders bought into the plan?<\/p>\nExample of an Advanced Security Tools<\/strong><\/h2>\n