Wed, Sep 9, 2020
Louisa Vogelenzang Discusses the Rise in Ransomware Attacks with Ausbiz TV
In an interview with Australian Business (Ausbiz) TV, Louisa Vogelenzang, Associate Managing Director in the Identity Theft and Breach Notification (ITBN) practice of Kroll, a division of Duff & Phelps, discussed the unexpected 150% increase in ransomware attacks from January to June this year.
During her interview, Louisa highlights how ransomware attacks and techniques have evolved and the impact of work-from-home arrangements on business security. She also shares valuable insights for employees and organizations to safeguard themselves from these attacks. Louisa emphasizes the need to create a robust response plan that is practiced and updated regularly, the need to educate employees on how to spot and report suspicious activities and train employees to follow basic cyber guidelines to protect themselves.
Key points covered in the interview:
- The rise of ransomware attacks in Australia
- How ransomware attacks have evolved
- Best practices for employees and organizations to improve cyber security posture
Notable Passages from the Presentation
The Rise of Ransomware Attacks in Australia
“Well, the recent notifiable data breaches report from the OAIC report a 150% increase in the number of ransomware attacks between January and June of this year, compared to the previous six months. From more than the steps that businesses can take to better prepare themselves.
How Ransomware Attacks Have Evolved
“So, I think it's a general trend that we've been seeing over time anyway, and in particular we've seen the threat actors more recently behind ransomware changing and evolving their techniques a little bit. So when previously they might have tried to encourage an employee to click on a phishing link to download that ransomware. They're now directly breaking into systems and networks, and they are looking for the optimum place to place that ransomware. And while they're there, they're looking for sensitive data, information, IP that they can take a copy of while they're there, and use that to further extort the organization by threatening to release that data.” – Louisa Vogelenzang
Yeah, so I think there's been a few key trends that we've seen from the work from home move. Firstly, of course, organizations had to scramble to enable their employees to work from home. So in some cases that meant they didn't have enough corporate devices to give those employees. So they had to connect to using a personal device and that could have introduced vulnerabilities into a network. And then they've had to open up their networks more broadly. And, with that, even if they were using something like a VPN to encrypt that data flow, if it's not patching up to date, there's some vulnerabilities there. And also maybe if they haven't turned on multifactorial authentication, so that's username password and then a code that sent to your phone. If that's not turned on, then that's also introducing vulnerabilities to things like Cloud email.
Best Practices for Employees and Organizations to Improve Cyber Security Posture
“I think the first thing any business should do is understand that it's not a matter of if, but when, a cyber-attack is going to happen at some point. So the most important thing you can do is plan for that. So it's having a really robust incident response plan that is practiced and updated regularly. And that also includes specific scenarios like ransomware, like data breaches as well. So you know exactly what you're going to do when that attack occurs. Secondly, enabling employees to be educated in how to spot something suspicious going on within your networks and having the right communications flow so they can report those things that they see. And then last but not least some basic cyber hygiene. So things like enforcing really strong password policies, having multifactor authentication turned on, making sure you're patching and last but not least having those viable backups.” – Louisa Vogelenzang
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Identity Theft and Breach Notification
Services include drafting communications, full-service mailing, alternate notifications.
Proactively monitor, detect and respond to threats virtually anywhere – on endpoints and throughout the surface, deep and dark web.
Data Breach Call Center Services
A notification letter can generate lots of questions for those affected by a data breach. Kroll’s call center services are provided by skilled representatives who know how to handle difficult questions and stand at the ready to serve your breached population.
Cyber Risk Assessments
Kroll's cyber risk assessments deliver actionable recommendations to improve security, using industry best practices & the best technology available.
Responding to the Critical MOVEit Transfer Vulnerability (CVE-2023-34362)
Jun 07, 2023
by Scott Downie, Devon Ackerman, George Glass, Dave Truman
The Debt Ceiling—This Time is Different
May 19, 2023
KAPE Quarterly Update – Q1 2023
May 18, 2023
by Eric Zimmerman, Andrew Rathbun
Q1 2023 Threat Landscape Report: Ransomware Groups Splinter, Swarm Professional Services
May 17, 2023
by Laurie Iacono, Keith Wojcieszek, George Glass