It’s been a month since the WannaCry ransomware attack infected banks, hospitals and government agencies in more than 150 countries. As more digitization occurs in business, ransomware and other threats will only become more pervasive and frequent as nation-states and underground criminal organizations use cyberspace to further their objectives.
WannaCry demonstrated just how widespread and disruptive a ransomware attack can be, and how privileged user accounts continue to hold high value for attackers as they seek access to companies’ IT infrastructures.
Many organizations are aware of the need to strengthen how they identify and protect privileged users, but still struggle to control and manage privilege access to their critical systems. This is made more complicated by the fact that despite training and sharing security best practices, studies show employees continue to have a lack regard for IT rules. Bomgar’s recent Secure Access Threat Report found that 61% of respondents were concerned with administrative or privileged credentials will be phished from an employee and found that only half (54%) of organizations conduct annual training to keep insiders aware of security processes and, shockingly, only 53% include this training as part of induction for new employees.
It’s fair to make the analogy that businesses worldwide are in an “arms race” to keep defenses on pace with the types of attacks that are becoming more common and more impactful. As businesses seek to create a stronger security profile at both an organizational and individual level, here are some key questions to consider:
What assets are most attractive to cybercriminals?
The eventual goal of the attacker is to be financially or reputationally profitable, whether they themselves use your stolen information for personal gain, sell it on the black market or just wreak havoc on your company’s reputation.
What are the common modes of attack?
The use of phishing emails containing malware is the top mode of infiltration due to its ease of execution and high success rate. Through successful phishing, cybercriminals can deposit ransomware such as WannaCry in computers and demand payment. Phishing is also used to trick victims into disclosing their credentials which can then be traded on the black market or leveraged to execute further attacks. Successful phishing may also potentially allow sponsored hackers to infiltrate targeted networks and then deploy a variety of stealthy techniques to extract valuable data over a long period. Such attacks are known as Advanced Persistent Threats (APT).
How can organizations prevent or prepare for such attacks?
At Bomgar, we connect people with technology by controlling access while enabling secure collaboration – learn more about how our solutions can help improve your organization’s security posture.