$144.2 million: The amount that victims of the 11 most significant ransomware attacks in 2020 (so far) have spent recovering from these cyber assaults. The staggering sum shouldn’t be entirely unexpected because, in reaction to a ransomware attack, an organization must invest in costs ranging from investigating the issue, rebuilding networks, and restoring backups to paying the hackers and putting preventative measures in place to avoid future breaches.
Reportedly, several of these organizations not only paid the ransom (in the amount of several hundred thousand dollars each) but also for the resultant security, drastically increasing their overall costs. If they had a more proactive approach that included a bold solution such as Privileged Access Management (PAM), much of this expense could have been considerably reduced.
Today, organizations of all sizes remain susceptible to ransomware attacks. Most recently, the Hartford, Conn., school district was hit with ransomware that caused the first day of school to be postponed. To properly recover from these attacks, an institution needs costly repair and respondent implementations to overhaul network exposures. Examining the difference between a reactive and a proactive approach demonstrates the worth of investing in a preventative solution such as PAM.
A reactive approach leaves unprepared organizations vulnerable
- Access: As organizations evolve and scale, the number of passwords increases exponentially, raising complexity and security issues. These mission-critical passwords are often written down and accessible to anyone who knows where to look, including hackers.
- Accountability: In a network unsecured by a PAM solution, shared credentials compromise liability. Moreover, they render audit trails incomplete and nonexistent should an organization need to find the root of their network vulnerabilities.
- Exposure: As passwords age, exposure also increases. Static passwords pose a growing risk from former employees, bad actors, and ransomware attackers looking for exploits.
- Scalability: As they upgrade infrastructure and grow, organizations are perpetually deploying new servers, workstations, and virtual machines. These new point-to-point connections increase vulnerability to hackers and managing, protecting them at scale is challenging.
Instead of choosing responsive triage, organizations should be armed and adaptable with a ready PAM solution so they are dynamic, evolving, and equipped.
A proactive approach with an implemented PAM solution has organizations prepared
- Access: If these same organizations were to utilize a PAM implementation, they would store and vault passwords across complex and changing networks. Also, they could control access to accounts with password checkout and concurrency rules.
- Accountability: PAM-empowered operations can personally identify users with a login and strong multi-factor authentication. Responsibility is cultivated through access request authorization, logged access, and record sessions to track down user error and susceptibility.
- Exposure: With a PAM solution, an organization can randomize passwords after use, set expiration on checkouts, and keep passwords under wraps unless necessary. This virtually eliminates an access and exposure point for would-be hackers.
- Scalability: Even when following best practices, ransomware attackers often exploit weaknesses in complex systems where access vulnerabilities are exposed when the systems scale. A PAM solution monitors inventory systems and a wide range of connectors and automatically discovers and imports privileged accounts as the organization changes and grows.
You likely haven’t experienced an attack yet, but you want to be prepared in the event it does happen. The proactive approach of a PAM solution will help your technology react accordingly should you get hacked — ensuring security, dynamism, and adaptability. Moreover, engaging in a proactive vs. reactive approach to ransomware attacks could save you money and lost time in the long run.
In the last two years, 79% of organizations have experienced an identity-related security breach, according to research from the Identity Defined Security Alliance...
The amount Colonial Pipeline paid to DarkSide ransomware attackers: $5 million. A costly hack, but certainly not the first cyberattack the U.S. energy industry has...