In a recent Skout Threat Advisory (0032-21), they reported that the “ransomware group responsible for the Colonial Pipeline attack has struck again:” On May 14, the new target was the European subsidiaries of Toshiba. The DarkSide ransomware gang “launched an attack on Toshiba’s European networks and some of the networks were shut down in response thus halting revenue capability for the organization.
While it is unclear how the intrusion occurred, it is noted that “customer-related information was not leaked externally” but that cannot be confirmed as it relates to other corporate data. The sophistication of these attacks is causing the technology engines to sputter and constantly review security policies to keep cybercriminals at bay.
So, what can be done to increase your protection against Ransomware? Here are some recommendations that companies should consider:
1. Strong Password Policy
· Do not reuse passwords
· Have a minimum password history
· Enforce password strength policies
· Ensure that passwords are not recycled
2. Keep systems patched with the latest security updates
3. Remove all unsupported operating systems
4. Ensure services such as RDP are not open to the Internet with Static Addresses
5. Install Endpoint Protection software
6. Deploy business continuity backup solutions that also save to the cloud like Datto SIRIS appliances.
REFERENCES:
コメント