
A New Year’s Ransomware Resolution


2020 was a brutal year for ransomware. Cybercriminals operated without any human decency, targeting the most vulnerable and at-risk parties, such as hospitals, scientists, and global manufacturers. The approach has become more sophisticated and life-threatening, shifting from individual targets to global enterprises, destroying backups, blackmailing victims with public leakage of exfiltrated data, and paralyzing critical systems and infrastructure.



  1. January 2021. A New Year’s Ransomware Resolution: Guidance for a safer 2021. Presented by: David White, Axio & Garin Pace, AIG
  2. Agenda: Talking Points
     ▪ Ransomware trends
     ▪ Privileged visibility by cyber insurers
     ▪ Evolved ransomware attack pattern
     ▪ Top 3 things you should do right now
     ▪ Ransomware preparedness assessment in Axio360
  3. Presenters
     ▪ David White, Co-founder & President, Axio
     ▪ Garin Pace, Cyber Product Leader, AIG
  4. Ransomware continues its rise as a top cyber threat impacting companies worldwide.
     ▪ 139%: Year over year increase in US ransomware attacks, Q3 2020 [1]
     ▪ 50%: Ransomware cases that include data exfiltration [2]
     ▪ $50M to 70M: Cognizant’s estimated cost of their 2020 ransomware attack [3]
     ▪ 360%: Year over year increase in average ransom payment, $233,817 in Q3 2020 [2]
     References:
     [1] https://securityboulevard.com/2020/11/40-increase-in-ransomware-attacks-in-q3-2020/
     [2] https://www.coveware.com/blog/q3-2020-ransomware-marketplace-report
     [3] https://www.crn.com/news/security/big-game-hunting-why-tyler-technologies-cognizant-conduent-and-dxc-technology-were-hit-with-ransomware
  5. Cyber insurers have privileged visibility: Why insurance matters to cybersecurity leaders
     ▪ In the last century, the insurance industry drove safety and engineering standards to ‘solve’ the risk of boiler explosions
     ▪ A few years ago, the insurance industry began providing financial incentives to address point-of-sale intrusions
     ▪ Today, insurers are working to understand and proactively address ransomware
  6. Ransomware claims show increasing frequency and severity
     ▪ Cyber insurance market reflects the overall threat landscape; ransomware frequency continues to rise
     ▪ Ransomware has evolved and now poses material risk to the enterprise; impacts are dramatically increasing
     [Chart: Global Ransomware Claim Count, North America and International, 2017, 2018, 2019 and first six months of 2020. First half of 2020: 75% of 2019 total]
     [Chart: Top 20 Cyber Insurance Claims by Type – North America, 2017 to 2019. Categories: Ransomware, Data Breach, Privacy Event, System Failure, Other Malware, All Other]
     AIG data as of Q2, 2020
  7. Ransomware Financial Impacts: Ransomware is democratic and expensive
     ▪ No industry sector or geography is immune; attackers are opportunistic.
     ▪ Initial ransom demands now approach ~$40M; with the average drifting up dramatically in 2020 to >$8M.
     ▪ First Ransom Demand – 2016 – 2020: Min $<1K, Max $40M, Median $1M, Average $5M
     ▪ Incident Response Fee Range – Survey of Major Providers: Minor $5K, Complex $400K, Average $90K
     ▪ Business Interruption Length – 2016 – 2020: Low <1hr (0 days), Max 2,160hrs (90 days), Median 168hrs (7 days), Average 240hrs (10 days)
     ▪ Breach Counsel Fee Range – Survey of Major Providers: Complex $1M, Minor $1K, Average $40K
     [Chart: Global Ransomware Claims by Industry, 2017 to 2019. Categories: Healthcare, Business Services, Education, Government, Retail / Wholesale, Financial Services, Manufacturing, All Other]
     AIG data as of Q2, 2020
  8. Big Game Hunting: The new ransomware pattern
     ▪ Initial Compromise: Phishing, Network Edge Vulnerability, Remote Desktop Protocol, Other
     Source: https://www.coveware.com/blog/q3-2020-ransomware-marketplace-report
  9. Big Game Hunting: The new ransomware pattern
     ▪ Initial Compromise: Phishing, Network Edge Vulnerability, Remote Desktop Protocol, Other
     ▪ Privilege Escalation to Domain Admin (Active Directory)
  10. Big Game Hunting: The new ransomware pattern
     ▪ Initial Compromise: Phishing, Network Edge Vulnerability, Remote Desktop Protocol, Other
     ▪ Privilege Escalation to Domain Admin (Active Directory)
     ▪ Exfiltrate Data
     ▪ Destroy Backups
     ▪ Deploy Ransomware Payload
     ▪ Demand Ransom Payment
  11. Top three actions you should take: Learning from hundreds of ransomware claims
     ▪ Increase protections to privileged credentials, for example:
        ▪ Use MFA on domain admin accounts
        ▪ Scrutinize domain admin privileges
        ▪ Eliminate domain admin service accounts
     ▪ Modernize endpoint protections
     ▪ Measurably improve vulnerability management
  12. Axio Ransomware Preparedness Assessment
     PREVENT: Protect Against Initial Compromise
     ▪ Implement Secure Network and Device Configurations
     ▪ Reduce Network and Supply Chain Vulnerabilities
     ▪ Monitor for and Stop Attacks
     ▪ Defend Against Email- and Web-Based Threats
     CONTAIN: Limit the Spread of Ransomware
     ▪ Manage Privileged Accounts
     ▪ Limit Use of Privileged Access
     RESTORE: Respond to and Recover from Ransomware
     ▪ Implement, Test, and Protect Backups
     ▪ Plan for Ransomware Response
  13. Axio360 Demo
  14. Check your ransomware preparedness today
     ▪ Sign up for free tool at axio.com
     ▪ Conduct a free ransomware preparedness assessment
     ▪ Use your results to shore up your protections
     ▪ Ransomware preparedness assessment is also available to all Axio subscribers
  15. American International Group, Inc. (AIG) is a leading international insurance organization serving customers in more than 130 countries and jurisdictions. AIG companies serve commercial, institutional, and individual customers through one of the most extensive worldwide property-casualty networks of any insurer. In addition, AIG companies are leading providers of life insurance and retirement services in the United States. AIG common stock is listed on the New York Stock Exchange and the Tokyo Stock Exchange. Additional information about AIG can be found at www.aig.com | YouTube: www.youtube.com/aig | Twitter: @AIGInsurance | LinkedIn: http://www.linkedin.com/company/aig AIG is the marketing name for the worldwide property-casualty, life and retirement, and general insurance operations of American International Group, Inc. For additional information, please visit our website at www.aig.com. All products and services are written or provided by subsidiaries or affiliates of American International Group, Inc. Products or services may not be available in all countries, and coverage is subject to actual policy language. Non-insurance products and services may be provided by independent third parties. Certain property-casualty coverages may be provided by a surplus lines insurer. Surplus lines insurers do not generally participate in state guaranty funds, and insureds are therefore not protected by such funds. © American International Group, Inc. All rights reserved.
  16. Thank You! info@axio.com www.aig.com/cyber