February 19, 2025 at 12:00 am
Comments posted to this topic are about the item Is Ransomware Fading?
February 19, 2025 at 4:38 pm
Maybe I'm an optimist, but I think what's also happening is that corporations are learning from past mistakes - getting smarter and better when it comes to employee training, security configuration, and disaster recovery.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
February 20, 2025 at 9:45 am
One thing I think may be leading to the reduction of Ransomware is the reduction in Email as the form of communication. Slack, MS Teams (and similar) are my primary means of communication both internally and for companies I deal with frequently.
I would also cautiously agree with Eric.
In my last two companies everyone has to go through cyber security awareness training every year. It is a bit simplistic but the examples of attack approaches are useful. One of the examples showed an email that seemed to come from a senior source with a time sensitive response. These work by putting people under pressure to short-circuit their critical thinking.
A change of company director is a visible event on LinkedIn so it isn't unusual to see such emails pretending to come from a new director.
I've been doing some work recently to configure an SaaS Email facility. I've had to start reading up on alien world of DNS (Domain Name Service) configuration as the Email facility won't work unless there are 3 particular records configured correctly within the DNS.
Highly publicised supply chain attacks have helped raise awareness at senior levels of businesses.
I've noticed that people in a security role seem to have a more proactive approach. We used to refer to them as the "Window of No". They could tell you everything that was wrong with what you were doing but would never advise on how it should be done right. That seems to have changed for the better.
February 21, 2025 at 3:56 pm
Potential for ransomware attacks can be reduced by eliminating the ability of employees to browse their personal emails on Gmail, hotmail, etc. That ensures that all email goes through your corporate processes for filtering, threat assessment and such. Employees may whine, but since everyone has a phone, they can use that to read their personal email.
February 21, 2025 at 4:03 pm
And I get this headline today, so maybe not. Maybe less headlines: https://techcrunch.com/2025/02/20/uk-healthcare-giant-hcrg-confirms-hack-after-ransomware-gang-claims-theft-of-sensitive-data/
And agreed, @Ross
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy