March 2021 Roundup – Latest News, Trends & Updates in Data Centric Security
More Solutions Doesn’t Mean More Protection
New research has found that running multiple protection and cybersecurity solutions simultaneously did not prevent data loss in many organizations last year.
The finding was part of the second annual Cyber Protection Week survey conducted by global technology company Acronis. Researchers asked 4,400 IT users and professionals in 22 countries across six continents about their cybersecurity solutions.
The results showed that while 80% of companies now run up to 10 different solutions simultaneously to protect their data and computer systems, more than half of those organizations suffered unexpected downtime in 2020 after losing data.
Deploying a plethora of cybersecurity solutions isn’t going to solve any cybersecurity problem. Merely adding more solutions isn’t always the best route out. Cybersecurity solutions have to be tailored to suit the requirements.
Security leaders need the visibility to understand what they are investing in and why they are investing in such tools. They need to identify the assets that require cybersecurity solutions. They need to devise strategies based on their organizational needs.
Every business is unique in its own way and adopting a general cybersecurity approach will not suffice. They need a clear understanding of the roles and responsibilities, various operational processes, tools and technologies, metrics and measurements, and governance model that is best suited for their organization.
Ransomware and IoT Malware Detections Surge by Over 60%
Last year saw a double-digit surge in ransomware, IoT threats, new malware and cryptojacking, in what SonicWall has described as a “tipping point” in the cyber-arms race.
The security vendor’s 2021 SonicWall Cyber Threat Report is compiled from data taken from over one million global sensors and cross-vector threat information shared among SonicWall security systems.
Ransomware threats spiked 62% globally and 158% in North America as more sophisticated variants like Ryuk targeted larger organizations with multi-staged attacks. The retail (365%), healthcare (123%) and government (21%) sectors were particularly badly hit during the pandemic.
Ransomware and Malware are not a new phenomena. These programs have become more sophisticated, moving from mass-deployed phishing campaigns to highly targeted, well-researched attacks on larger enterprises with the means to pay.
Organizations have to revisit their data protection strategies to ensure all endpoint devices are secure, properly backed up, and recoverable. As active and inactive data are both vulnerable to attacks, organizations have to review how and where their data is downloaded, stored, and protected.
Manufacturing Firms Learn Cybersecurity the Hard Way
Manufacturing firms have become a top target of cybercriminals, extortionists, and nation-state groups, with 61% of companies experiencing a cybersecurity incident affecting their factories and three-quarters of those incidents taking production offline, according to a report published by cybersecurity firm Trend Micro on Monday.
The different challenges and viewpoints mean that IT and OT groups should be collaborating on cybersecurity, but only 12% of groups are working together, says William Malik, vice president of infrastructure strategies at Trend Micro.
The manufacturing industry has traditionally been an industry focused on performance and safety, but never on security. Therefore, its security systems were developed when security was hardly an issue.
This has led to huge security gaps in the system making it an easy target for hackers who are well aware that their networks are often unprotected, and the right tools and processes are not in place.
However, if sensitive intellectual property is stolen by hackers not only does production go down but the impact can be irreversible with millions in revenue potentially lost. Therefore, manufacturers must adopt a highly proactive mindset and approach to securing their intellectual property..
Ghost Users Haunt Healthcare Firms
More than three-quarters (77%) of healthcare companies have 500 or more accounts with passwords that never expire, while 79% have more than 1,000 ghost users — user and service accounts that are inactive but still enabled, according to new Varonis research.
The data security report, which analysed 3 billion files across 58 hospitals, pharmaceutical firms, and biotechnology companies, also found nearly 20% of all files are accessible to every employee.
The average healthcare organization has 31,000 sensitive files — including those that include HIPAA-protected information, financial data, and proprietary research — open to everyone, according to a summary of the findings.
The healthcare industry including hospitals, biotech, and pharmaceutical firms store lots of personal information and proprietary research.
On average one in ten sensitive files is opened to every employee leaving scope for insider attacks. Such information is in huge demand in the black market leading to huge profits from such transactions.
Data-centric security solutions are more readily available now than before. They allow for better protection through encryption, access monitoring, and logging of unusual activity.
Nowadays these security solutions are available at better pricing and are affordable. The importance of data security management in the healthcare industry cannot be underestimated.
They need focused data-centric solutions that would eliminate vulnerabilities from the network and one that will reduce the risk of human error as well.
Ransomware Incidents Continue to Dominate Threat Landscape
Cisco Talos’ IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.
Ransomware operators relied heavily on a handful of commodity Trojans, open-source reconnaissance tools, and legitimate Windows utilities to execute many of their attacks during the past quarter, according to data from incidents handled by the Cisco Talos Incident Response (CTIR) team.
The data, collected from customer locations between November 2020 and January 2021, showed attackers continuing to overwhelmingly use phishing emails with malicious documents to deliver Trojans for downloading ransomware on victim systems.
Ransomware is an ever-evolving malware that encrypts files on a device making them unusable. Ransomware attackers often target and threaten to sell the leaked information or data if the ransom is not paid.
Sometimes even after paying a sufficient amount, there is no guarantee that the files will be recovered. Not only huge amounts of money are lost but reputation is also at stake here.
Automated protected data backups enable an organization to restore some of the data. Therefore, regular data backups are very important. As high volumes of data are frequently subjected to ransomware attacks, it is crucial for organizations to adequately apply data-centric solutions to protect their data.
58% of data backups are failing, creating data protection challenges
Data protection challenges are undermining organizations’ ability to execute Digital Transformation (DX) initiatives globally, according to the Veeam Data Protection Report 2021, which has found that 58% of backups fail, leaving data unprotected.
The report revealed that against the backdrop of COVID-19 and ensuing economic uncertainty, which 40% of CXOs cite as the biggest threat to their organization’s DX in the next 12 months, inadequate data protection and the challenges to business continuity posed by the pandemic are hindering organizations’ initiatives to transform.
According to the above report data backup services are failing. Backups generally fail due to missing or damaged tapes or backup disk failures.
Some of the programs that run these backups may not be fool-proof and the disk usage may grow beyond the capacity of the backup media.
Therefore, it is important to triage which data is most critical and then create restore strategies for it. If data backup fails, the data remains unprotected which is a huge concern for businesses.
Hence, organizations have to ensure that their data is protected. With adequate data protection, no matter where an organization’s unstructured sensitive data is present it remains secure.