Comment from Semperis on the JCNSS ransomware report
December 2023 by Semperis
The comment below from Dan Lattimer, VP UK & Ireland, Semperis on the report A hostage to fortune: ransomware and UK national security, from JCNSS.
The JCNSS report should come as no surprise to anyone as ransomware is the single biggest risk facing organisations today. So where does that leave public and private organisations being attacked on a daily basis?
First, it doesn’t pay to pay a ransom demand as we only further fuel the burgeoning global ransomware economy. Second, you can’t pay your way out of ransomware, ever.
Organisations can gain the upper hand on ransomware actors by improving how they first detect the threat and then bolstering their resiliency against it as well as recovery times if impacted.
In practice, this means understanding what your critical systems are (including infrastructure such as Active Directory) before attacks occur. Regularly conducting tabletop exercises that simulate the recovery of these critical systems before an incident occurs is also important. Preparation in advance can make organisations sufficiently difficult to compromise, so that hackers will look for softer targets.
Companies should also monitor for unauthorised changes occurring in their Active Directory environment which threat actors use in most attacks - and have real-time visibility to changes to elevated network accounts and groups. In addition, roll out security awareness training to all employees in 2024 because the weakest link in an organisation’s ecosystem are employees that unsuspectingly click on malicious links.
Whilst the report may be worrying to some, the truth is that disruptions due to ransomware don’t have to be the norm for any organisation.