Shields Up: Is Your Ransomware Protection What It Should Be?
The recent ‘Shields Up’ initiative from the Cybersecurity and Infrastructure Security Agency (CISA), an effort to warn businesses and critical infrastructure operators to prepare for cyberattacks coinciding with the imminent Russian invasion of Ukraine, may have one critical weak spot: ransomware protection.
CISA, the FBI, and an assortment of other federal agencies have spent the last several weeks wargaming the likely cyber scenarios stemming from the conflict in Ukraine. Among the top concerns is a series of sophisticated, state-supported ransomware attacks like those that took down Colonial Pipeline , JBS Foods and Kaseya in 2021.
However, organizations that are still running legacy antivirus technology, or even those who have deployed more mature technologies (including from several Cybereason top competitors) are not protected from sophisticated, multi-stage ransomware.
Complex RansomOps have evolved to better evade standard defenses. Targeted attacks stand a high chance of success against underprepared environments, making a behavior-based approach to prevention, detection, and response required for success.
A critical component to ending ransomware is time. Cybereason addresses this challenge by approaching ransomware as a big data problem. A ransomware operation should result in a single notification.
Attackers exploit the time security operations centers (SOCs) spend triaging alerts to advance their attack. We built our solution to cut down on this triage time with the MalOp™ (malicious operations) approach.