Yusuf On SecuritySecurity news, opinion and advice

Ransomware attacks are data breaches

Ransomware attacks are often seen as just nuisance when you have a good backup. However it is a disaster for many businesses when you have no fallback.

Remember a ransomware is a monster with two heads. One, it denies you access your data. Two, what is often not talked about is the fact an intruder (well, in the form of a malware) came into your system and scrambled your files. This effectively constitutes loss of control as someone had laid their hands on your files. They surely had the ability to take your data out of your environment regardless whether the data was encrypted (by you) or not. Often times the majority of organisations don’t have a policy to encrypt data at rest.

Recently the cyber criminals have started to switch gear and threaten victims who don’t pay up to release data they smuggled out. They are also using this as a form of public shaming for those victims who try to swipe the incident under the carpet by just recovering their files from a backup.

We will see this last tactic more often and the best remedy is encrypting your data at rest.

Join the discussion

Further reading

What will it take?

A great piece on what it will take to improve the safety of the connected world. Read it here.

Extended detection and response (XDR)

Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable...

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called...

Recent podcasts