fbpx
Ransomware; What It Is and What To Do About It.

Ransomware; What It Is and What To Do About It.

NEWS

Ransomware

What it is and what to do about it

Cybercriminals use malicious software, often delivered as an email attachment or link, to infect the network and lock email, data, and other critical files until a ransom is paid. These evolving and sophisticated attacks are damaging and costly. They can cripple day-to-day operations, cause chaos, and result in financial losses from downtime, ransom payments, recovery costs, and other unbudgeted and unanticipated expenses.

Recently, criminals have refined their tactics to create a double extortion scheme. They base their ransom demands on research they perform ahead of the attack. They steal sensitive data from their victims and demand payment in exchange for a promise to not publish or sell the data to other criminals. Since criminals cannot be trusted, victims who pay are often contacted several months later and asked for another payment to keep the stolen data secret. Some ransomware criminals will accept payment but sell the data anyway.

How to protect against ransomware:

  • Do everything you can to prevent credential loss. Implement anti-phishing capabilities in email and other collaboration tools, and consistently train your users for email security awareness.
  • Secure your applications and access. Besides using MFA, you should also implement web application security for all your SaaS applications and infrastructure access points. Application vulnerabilities are often hidden in the application code or underlying application infrastructure; therefore, you must protect your applications from the OWASP Top 10 threats. If you have API interactions in your application, you should also make sure you are covered for OWASP API Security Top 10. Along with application protection, try to reduce the amount of access you provide to your users wherever you can. If you can, narrow down to the least amount of access your users need to be productive. It’s best to implement Zero Trust Access based on endpoint security postures.
  • Back up your data. Stay current with a secure data protection solution that can identify your critical data assets and implement disaster and recovery capabilities. That way you can be confident about saying no to ransomware criminals.
災害現場を見える化して、地域を守り、消防職団員も守る:タヌキテックの取り組み【IT×地域防災】(2021年8月17日号

災害現場を見える化して、地域を守り、消防職団員も守る:タヌキテックの取り組み【IT×地域防災】(2021年8月17日号

NEXTALK

災害現場を見える化して、地域を守り、消防職団員も守る:タヌキテックの取り組み【IT×地域防災】(2021年8月17日号)

ITと新たな分野を掛け合わせた取り組みをご紹介する「IT×○○」。今回お話をお伺いしたのは、株式会社タヌキテック代表取締役の市川浩也さんです。自身も消防職団員を経験し、ITを活用した防災力の向上が急務であると痛感したといいます。そこで現場を見える化し、自治体と地域の消防職団員をスムーズにつなげるための消防団向けアプリ「FireChief(ファイヤチーフ)」を開発。アプリの開発に至った経緯やアプリの特徴、現状の課題や今後の展開について伺いました。

Despite the pandemic, Super Nintendo World opens a promising bonanza of Mario fun.

Despite the pandemic, Super Nintendo World opens a promising bonanza of Mario fun.

Featured Blog

Despite the pandemic, Super Nintendo World opens a promising bonanza of Mario fun.

Nintendo and Universal Studios Japan selected the period of the world’s worst pandemic since World War II to launch one of the former’s most ambitious projects to date, and one that has been in the works for five years: the Super Nintendo World theme park.