Cyber Insiders - Magazine - Page 19
1. Expensive software is all you need to
stay safe
2. Ransomware is executed
clicking a nefarious link
The human element of cybersecurity cannot be
DAs has already been touched upon, a click isn’t
ignored in favour of a software only approach. A
always fatal. Contrary to what popular films
threat specialist can provide context, decisions
would have you believe, threat actors don’t
and remediation actions that software alone
attack immediately upon gaining access to a
cannot.
network.
Today’s
threat
actors
are
highly
upon
sophisticated and behave more like professional
criminals, software alone simply isn’t enough to
Ransomware attacks consist of many stages
protect you.
before the actual attack is launched. A click is not
the only initial vector that can be used in a
For organisations with valuable information and
ransomware attack – compromised credentials,
deep pockets, the attack is likely to be targeted
unpatched systems etc are also common and
and precise. If motivated enough, a threat actor
these initial vectors are separate from phishing.
will find a way to circumnavigate your software,
therefore, around-the-clock threat monitoring
There are opportunities at each phase to halt the
and
attacker.
detection
and
ongoing
vulnerability
management should be an essential part of your
first line of cyber defence.
However, the window to detect, contain and
Even after a malicious link has been clicked, with
attacker is inside your systems.
eliminate the attacker narrows the longer the
the right team supporting you on the ground the
attacker’s journey can be derailed, contained and
prevented from achieving its objective, thereby
stopping or minimising the impact to your
Often,
attackers
begin
with
reconnaissance,
looking to identify a vulnerability and the best
way to exploit it. When this phase is completed,
business.
they will apply what they’ve learned and use it to
David Calder, Chief Product Officer at Adarma
phishing emails or establishing beach heads.
shape their attack, perhaps crafting credible
explains, “It’s important to recognise that the
journey
full
By the time of the attack, the cyber intruder may
ransomware compromise needs many steps – the
have been lurking in your system for months,
ideal is to remove potential attack paths but,
disabling firewalls and preventative, detective
where this can’t be accomplished, monitoring and
and recovery systems. In fact, the initial breach
disrupting
made months ago might have been performed by
position.”
from
an
their
initial
use
foothold
must
be
to
the
a
fallback
one group and then sold to another for payload
execution much later.
CYBER INSIDERS MAGAZINE
19