With less than two weeks to go to the SSP Security Symposium on 9/23, here’s a new security topic as we countdown to the event! Today we’re diving into the findings of a recent cyber threat intelligence report to learn about the most prevalent and dangerous threats that organizations are battling today and the new security measures brought forth by changing law enforcement.
Don’t forget to register for the symposium to hear firsthand from experts like Jon Ford (Managing Director of Global Strategy and Operations for Government Solutions, FireEye) and Chris Usserman (Director of Security Architecture, Infoblox) as they discuss ransomware on the frontlines and meeting cybersecurity compliance respectively.
Infoblox has published their Q2 2021 of Quarterly Cyberthreat Intelligence Report which includes publicly released threat intelligence from April 1, 2021, through June 30, 2021.
The report includes insight into new and recently emerged malware variants and trends, how these differ from other variants we have seen in the past, and defensive tactics and best practices that work.
An Expanded View of Ransomware
Approximately 10 percent of all breaches now involve ransomware. The impact and expense of successful ransomware attacks can be crippling to an organization. The recent attacks on JBS and Colonial Pipeline have once again brought focus to the danger of increasingly sophisticated ransomware campaigns.
The estimated payments in 2020 associated with ransomware have been estimated to be about $370 million in cryptocurrency. Ransomware costs are not just about the ransom payouts. The total damage associated with ransomware is estimated to be much higher than the cryptocurrency payouts—perhaps $20 billion.
The report includes an overview of the ransomware-as-a-service (RaaS) process flow and the primary channels of distribution, information on the NIST cybersecurity framework profile for ransomware risk management, and the CISA new ransomware readiness assessment, both published by these government agencies in June of this year.
Guidance on DNS Security
The report also delves into the NSA’s and CISA’s recent guidance on DNS security. DNS is key to the foundational security stack in the public sector. The NSA and CISA have gone on record in 2021 with guidance recommending that every agency, organization and enterprise leverage the existing DNS protocol and architecture by using a protective DNS (PDNS) service. This information sheet, Selecting a Protective DNS Service, details the benefits and risks of using DNS security and assesses several commercial PDNS providers based on reported capabilities.
