Ransomware is hardly new. In fact: it has been around for decades. But in 2020, ransomware looms in the minds of executives and security professionals as never before. It is an endemic problem in both the public and private sectors globally: earning billions for shadowy cyber criminal groups and rogue states alike.
In recent years, however, the cybercrime landscape has shifted noticeably. High-profile incidents like the recent attacks on Universal Health Solutions, Garmin, Konica-Minolta and the mobile operator Orange underscore a pattern: ransomware gangs moving steadily up the food chain from small, unsophisticated organizations (schools, local government) to some of the largest, wealthiest and most technically sophisticated firms in the world.
How have they done it? By attacking what we at QOMPLX call Critical Controls Infrastructure (CCI). Simply put, CCI are the systems deep inside a company that implement the key controls that underpin the organization’s security program. These include general IT controls, but most especially include authentication infrastructure such as Microsoft Active Directory.
Our CISO Andy Jaquith recently weighed in on the trend towards high-impact ransomware attacks on critical control infrastructure for SC Magazine. Click on over to SCmagazine.com to read his article "Attacks on authentication turn ransomware from disruption to disaster."