Prestige Ransomware Attack

Prestige Ransomware Attack Highlights Need to Update Cyber Security

SHARE

On October 11, a Russian-based threat group known as IRIDIUM carried out a series of coordinated attacks. Victims included organizations that provide or transport military and humanitarian assistance to Ukraine. The Prestige ransomware attack and other recent attacks serve as an indicator of ransomware trends and a reminder of the need for improved security.

Prestige Ransomware Attack Suggests Cybercrime Patterns

The ransomware landscape has evolved quickly in recent years as technology and cyber security awareness continue to advance. On the one hand, as organizations implement tamper-resistant backups and more sophisticated malware detection, they significantly reduce the risk of data loss. On the other, attackers continually adjust their attack methods.

An overview of several key ransomware attacks in 2022 illustrates some of the current trends.

    • Prestige – The Prestige ransomware attack mentioned above presents an example of a state-sponsored cyber-attack. In this case, Russia launched a targeted attack as an apparent warfare tactic focused on disrupting infrastructure. We have seen numerous such attacks around the world in recent years.
    • Nvidia – Early in 2022 a ransomware attack hit Nvidia, the world’s biggest semiconductor chip manufacturer. While Nvidia responded quickly to the attack, the event highlights the fact that even companies with strong security experience attacks.
    • Daixin ransomware group – The Daixin group attacked AirAsia this month, acquiring personal data for all the airline’s employees and five million passengers. According to the FBI, the group has been actively attacking U.S. businesses for some time, specifically targeting healthcare organizations.
    • CommonSpirit Health – Last month, threat actors launched a ransomware attack against CommonSpirit Health, a system that operates over 1000 healthcare facilities nationwide. As a result of the attack, system outages in multiple locations caused troublesome delays in medical procedures.

In addition to cyber terrorism, increasingly sophisticated methods, and a focus on healthcare and infrastructure, other patterns have emerged. For instance, attackers frequently attack small vendors, disrupting the supply chain for bigger fish. Double extortion attacks have also increased, in which hackers steal sensitive data from the victim to use as additional leverage.

Prestige Ransomware Attack

 

Credential Hygiene is Critical to Prevent Ransomware Attacks

Most successful ransomware attacks share a common feature. That is, successful attackers were able to compromise one or more highly privileged user accounts. In some cases, hackers gained access to a domain-wide administrator account. In other cases, multiple local administrator accounts shared the same password.

To guard against compromise of privileged accounts, organizations need to implement several best practices for credentials. For instance, the principle of least privilege mandates that users should be granted the minimum amount of access necessary. Tools like Microsoft Entra provide the analytics necessary to ensure that users do not have excessive or unused permissions.

Additionally, zero trust policies protect the system by requiring authentication every time a user or device attempts to access the network. Modern authentication systems such as multi-factor authentication (MFA) and randomized administrator passwords also provide critical security.

Configure Security Tools Properly

In some cases, organizations have security tools at their disposal but have not configured them properly. At the basic level, simply changing default passwords makes it more difficult for hackers to enter the system. But available tools provide many additional protections.

For example, Microsoft offers a suite of security tools in the Microsoft Defender family of products. Even small businesses can take advantage of enterprise-grade endpoint protection by deploying Microsoft Defender for Business.

These tools and others can play a critical role in reducing the risk of ransomware and other cyber-attacks. However, they can be difficult to configure, particularly for organizations with limited cyber security expertise. A cyber security consultant can provide crucial assistance in determining the right tools and settings to use.

Prestige Ransomware Attack

 

Cyber Security Investment Protects Against Prestige Ransomware Attack

Improving your cyber security posture requires an investment. However, companies that invest the time and resources required see important returns in mitigating the risk of a successful attack.

The cyber security consultants at eMazzanti offer the expertise necessary to ensure that you have the security you need. They will help you choose and configure the tools you need, including access management, email protection, data encryption and continuous network monitoring.

Download Article PDF

 

MXINSPECT Email Defense

Complete Defense Against Today’s Email Threats

Multi-Factor Authentication

Passwords are no longer enough.

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories