Interrupting Ransomware: Learning From Lockheed (NSS Labs)


The threat landscape is ever expanding. In the past, threats were limited to minor attacks that would cause a small amount of damage to an organization. As time has progressed, far more advanced attacks have surfaced, such as complex phishing attacks and ransomware, resulting in extensive damage to organizations.

Today, cyberattacks have become more prevalent, and much more difficult to prevent, which has increased the number of major, targeted attacks on businesses — I’ve seen many smaller and less experienced cybercriminals gain access to incredibly advanced hacking technologies. Take a look, for example, at how easy it is to gain access to ransomware as service (RaaS).

The fact is, ransomware is only one type of threat in the wild. Organizations need to look beyond the payload and pay closer attention to the exploit as well. If an organization’s security stack fails to block an exploit, then the payload, ransomware in this case, has a much higher likelihood of being successful.