According to a joint Cybersecurity Advisory, released by CISA yesterday, ransomware incidents increased in sophistication and made a larger impact on critical infrastructure globally. Some sectors hit by ransomware include the Defense Industrial Base, Food and Agriculture, Government Facilities, IT sectors.
CISA reports gaining access through stolen credentials, using cybercriminal services-for-hire and threat actors sharing victim information with each other were among the trends of 2021. They also found threat actors are beginning to shift away from “big-game” victims and are moving to more mid-sized victims due to the blowback seen in early 2021.
CISA states ransomware groups have increased their impact by:
- Targeting the cloud
- Targeting managed service providers
- Attacking industrial processes
- Attacking the software supply chain
- Targeting organizations on holidays and weekends
We wanted to highlight some of the mitigations recommended by CISA to reduce the risk of ransomware incidents:
- Keep all operating systems and software up to date
- Implement user training program and phishing exercises
- Require MFA and strong passwords
- Segment networks
- Enforce principle of least privilege
For the full CISA alert and additional guidance see LINK.