Traditional ransomware techniques did not need to be advanced to be effective, according to Adam Gavish, co-founder and CEO at DoControl. It is a simple rinse and repeat process.
“The human element remains to be a major issue. People make mistakes. They can easily become subject to a social engineering campaign, increasing the likelihood of the employee clicking on a phishing email. Their endpoint becomes compromised, the malicious code replicates and spreads through the IT estate. Simple,” he told TechNewsWorld in explaining why ransomware attacks are successful.
With the surge of cloud adoption, attackers have put SaaS applications in the crosshairs, he added. Weaponizing the many vulnerabilities that exist with SaaS applications is the next phase of advanced Ransomware attacks. Attackers recognize that a company’s crown jewels — its data — are stored, manipulated, and shared across these critical cloud-hosted business applications.
“Just like with the cloud, securing SaaS is a shared responsibility between the provider and the consumer of the service,” Gavish added.
Modern businesses have an obligation to better protect the files and data within SaaS through a defense-in-depth approach, he suggested. If an endpoint becomes compromised, there needs to be a way to prevent malicious files from being accessed by employees or external collaborators.