• Distributed Denial of Service (DDoS) ransom attacks on cloud service providers will likely increase in frequency. In these attacks, a ransom is demanded before access to your cloud data is restored. Be sure the cloud provider that hosts your confidential data has adequate DDoS defenses.
  • Breaches of corporate networks via unsecured IoT devices have already occurred – clouds are next
  • Auditing and security assessments are measures that help make up for a lack of available cyber security talent
  • More and more data is moving beyond the corporate perimeter. Security that moves with the data, enabling consistent policy enforcement, will be required; encryption of data at rest in the cloud is essential and is the only way for the customer to maintain control over cloud-based data. This is needed to secure data in the event of a breach. Complicating matters and increasing the risk of a breach, the cloud provider may replicate customer data to another, less secure remote data center as part of its backup operations. Less than 20% of an organization’s data ever moves into the cloud, yet 70% of data losses are connected with this movement.
  • Ransomware will attack Internet-enabled devices. We do not yet know why attackers are breaching medical devices that collect patient information, but it is happening and medical data is being exfiltrated. More ominously, medical devices that monitor and control human systems – including pacemakers, insulin pumps, and nerve stimulators – are all becoming Internet-enabled.
  • Over-reliance on free open source software libraries in corporate software: short development timelines and pervasive use of third-party software are where potential security threats can arise. Unfortunately, when rushing to create a new product, code is often thrown together with minimal security testing, leaving products shipped with gaping security holes.
  • If infected with ransomware: restore from a recent clean backup
  • If this is not possible, check https://www.nomoreransom.org/ for decryption keys and guidance
  • To minimize the effect of a future ransomware attack:
  • Upgrade all endpoint protection with products like Emsisoft, CrowdStrike or Carbon Black, and ensure critical data is backed up on media that is stored off-network

 

[Portions of the above were paraphrased from McAfee Labs 2017 Threat Predictions Report]
