top of page

News & Updates

CONECT Ransomware Webinar Summary

with Linn Freedman & Joe Devine

1/30/2024

Dollars

Top Methods of Attack & Response to Ransomware Incidents Threat actors employ various methods to breach organizations' networks and systems.

Understanding these risks and having a robust response plan are crucial. 

Methods of Attack 

Malicious Code

Threat actors embed malicious code in technology to steal credentials through phishing, SMS texts with links, QR codes, email, desktop sharing software, web applications, direct installs, and backdoors. 

Social Engineering

Criminal organizations invest significant time in social engineering, exploiting employees' connections on social media to gain familiarity and trick them into clicking on malicious links or attachments. 

Human Element

Approximately 74% of breaches involve a human element, underscoring the importance of training employees to think differently about technology.  

Call Center

Response to Ransomware Incidents 

Preparedness

Ransomware attacks can be devastating, with threat actors typically infiltrating systems for 200-270 days before deploying ransomware. Having an incident response plan in place is essential. 

Communication and Decision-making

Establish clear lines of communication, both onsite and remotely, and designate key decision-makers, including C-suite executives and legal counsel. 

Tabletop Exercises

Conduct regular tabletop exercises to simulate ransomware scenarios, ensuring that all team members understand their roles and responsibilities. 

Incident Response Team

Ensure clarity on who constitutes your incident response team and how to contact them, considering that access to systems may be restricted during an attack. 

Technical Assistance

Engage IT and forensic specialists to facilitate the restoration of systems from clean backups and identify the ransomware attacker and their demands. 

Technical Assistance

Engage IT and forensic specialists to facilitate the restoration of systems from clean backups and identify the ransomware attacker and their demands. 

Cyber Insurance Considerations 

Policy Coverage: Work with a knowledgeable broker to assess cyber insurance options, ensuring coverage for social engineering, HIPAA compliance, website protection, and ransom payments. 

Application Accuracy: Provide accurate information on cybersecurity practices in insurance applications to avoid coverage denial based on misrepresented data. 

Bill

In conclusion, proactive measures, comprehensive incident response plans, and adequate insurance coverage are vital in mitigating the impact of ransomware attacks on an organization. Collaboration between stakeholders and continuous readiness efforts are key to effectively combating evolving cyber threats. 

bottom of page