TECHNOLOGY
Learning and adapting following the WannaCry attack Now , organisations must continue to protect themselves from such attacks , particularly as cyber criminals increasingly look to target large numbers of employees through a series of attacks using tailored techniques or dynamic websites to outsmart IT teams and bypass security systems .
This , notes Curran , “ has an alarmingly high success rate and can be very hard to detect , especially given the rise in hybrid working – which has introduced more devices than ever to companies ’ networks ”.
“ Most organisations will have built policies and procedures that protect individuals and the organisation ’ s infrastructure , but it is unlikely that they have this level of contingency plan in place – meaning the all new , work-from-home culture is still being tried and tested .”
Smith also warns about the impact ransomware could have , with threats of a Distributed Denial of Service ( DDoS ) attack used as a triple extortion or to contact the organisation ' s customers as a quadruple extortion .
He explains : “ With previous ransomware , the impact was downtime or unavailable data . With double , triple and even quadruple-extortion , organisations are being pushed from corrective controls centred on asset and data availability , such as backup and recovery , to detective and preventive controls focused on integrity and confidentiality . We are essentially being forced to adapt again and again to attacker behaviour – the threat landscape requires constant evolution .”
To move forward and ensure organisations are well protected , IT departments must be able to maintain proficient security protocols or policies for years to come . To ensure this is done well , IT security staff should be increased with sufficient training .
cybermagazine . com 95