Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Is ransomware winning?
Cyber Security: A Peer-Reviewed Journal,
5
(1),
51-65
(2021)
Abstract
This paper evaluates the performance of ransomware attacks and looks at the tactics and successes to determine effective counterstrategies. By analysing lagging indicators of the successes of ransomware, we can reverse-engineer an effective counterstrategy to fight back and significantly reduce the effectiveness of ransomware. This paper argues that the biggest challenge in countering modern ransomware is that the approach most companies are taking is too narrow. There is no one solution answer to this challenge. The most effective counter to modern ransomware is a balanced security strategy of preventative and detect and response, layered in such a way as to disrupt, reduce and eliminate the tools and tactics that make modern ransomware effective. This also includes activities that happen well in advance of the ransomware attack and devices that may not even be part of the actual attack itself. This paper will also propose an effective strategy to counter modern ransomware and provide organisations with key technologies to remove critical capabilities from our adversary’s arsenal and disrupt the tactics that have made modern ransomware so successful.
Keywords: zero trust; cyber security; ransomware; risk-based prioritisation; cyberattacks; phishing
The full article is available to subscribers to the journal.
Author's Biography
Chris Goettl has been working for Ivanti as senior director of product management for endpoint security products for the past four years. Prior to that, for four years he was the product manager for several of Ivanti’s patch and vulnerability management solutions. During this time, Chris has guided the security strategy and vision for Ivanti endpoint security products. He is also a security evangelist speaking at security events globally, where he gives guidance around modern cyber threats and how to combat them effectively. Chris hosts a monthly webinar focusing on Patch Tuesday and security vulnerabilities, and frequently blogs about security topics. You can find contributed articles as well as commentary from Chris in notable security news sources such as SC Magazine, Redmond Magazine, ComputerWorld, ThreatPost, Help Net Security and more.
