• United States



Three Essential Security Technologies to Combat Ransomware

Sep 29, 20215 mins

lock abstract glitch background illustration id1291733241
Credit: iStock

Over the past year we’ve seen an explosion in ransomware attacks – over 10x according to FortiGuard Labs – making the odds increasingly high that your organization will be attacked. In fact, a recent ransomware survey demonstrates that ransomware has become the top threat concern for most organizations globally. This can be attributed to a perfect storm of factors:

  1. The increase in working from home opened up the network and expanded the attack surface. Organizations have reported that one in five successful data breaches originated from a remote worker.
  2. The convergence of operational technology (OT) and information technology (IT) and the loss of the historical “air gap” increased the risks to formerly isolated OT systems.
  3. The continued growth of Ransomware-as-a-Service (RaaS); in addition to renting ransomware, some operators are selling access to compromised corporate networks, which makes it easier for less technical criminals to get involved.
  4. The ability for gangs of cybercriminals to more easily use cryptocurrency to extract data, which is more profitable than trying to sell credit card data on the dark web.

At the same time, the pandemic accelerated digital innovation efforts, especially in industries like retail where digital connectivity has become essential. The shift to remote work also caused a sudden inversion of the network. Enterprises went from 20,000 employees working in five offices to 20,000 employees working in 20,000 offices almost overnight. While organizations are accelerating digital innovation and work from anywhere programs to remain competitive, they’re also finding themselves with an expanded attack surface and new security threats introduced by these network changes. To keep up with today’s threat landscape and shifting network requirements, here are three essential security technologies that organizations should focus on:

1)    Transition VPN to ZTNA

When the pandemic began, many companies turned to their VPN to provide employees encrypted access. But going from 5%  of employees to 100% of staff using a virtual private network (VPN) could only be a temporary solution. Now organizations are seeking longer-term solutions for remote access because even when employees go back to the office, it’s likely it will be a hybrid arrangement.

There needs to be a transition from VPN technology to zero-trust network access (ZTNA), which limits access to applications. Using ZTNA makes it possible for organizations to rely less on traditional VPN tunnels to secure assets being accessed remotely. A VPN often provides unrestricted access to the network, which can allow compromised users or malware to move laterally across the network seeking resources to exploit. However, ZTNA applies the policies equally, whether users are on or off the network. So, an organization has the same protections, no matter where a user may be located.

2)    Bring Enterprise-grade security and networking to employees’ homes

Security in home networks is often lax, and many of them are filled with vulnerable devices, such as entertainment and gaming systems, unprotected personal devices, and consumer-grade routers that may be several years old and never updated or patched. Although end-user devices and cloud-based applications, and connectivity tools for remote branches have been in place, home networks have become a critical security issue for many organizations.

Because of this situation, many organizations want to take the best of enterprise networking and security, and pair it with an easy to set up Wi-Fi or routing system that separates the home network from the enterprise piece without degrading the quality of service. The goal is to combine the power of an enterprise solution with the simplicity of a consumer-based product.

This type of solution should offer a next-generation router and firewall for a safe and fast network connection for corporate and personal needs coupled with Wi-Fi 6 and mesh technologies. It must combine the best of SD-WAN, SASE, and zero trust approaches with simple, phone-home deployment and unified management. And it must be able to prioritize critical business traffic, such as collaboration tools, without severely impacting other essential activities on the home network.

3)    Add Endpoint Detection and Response

It is more difficult for cybercriminals to gain unauthorized access if you reduce the endpoint attack surface by disabling unused services, restricting user privileges, and performing physical or virtual patching to prevent vulnerabilities from being exploited.

Advanced attacks can take only minutes or even seconds to compromise endpoints, so signature-based solutions aren’t enough. Behavior-based endpoint detection and response (EDR) solutions can monitor system activity for malicious, suspicious and anomalous behavior. It’s particularly important in the case of ransomware for the solution to have the ability to block this type of activity in real-time.

Making a Dent in Ransomware Through Education and Training

When an organization brings their networking and security teams together to implement technology solutions like ZTNA and EDR, as well as at-home security-driven networking solutions for employees, they can make a significant dent in ransomware. Not only are you greatly reducing the attack surface, you have the technology to make sure if something happens, you can act quickly.

Going beyond the technology, you also need to get everyone in the company on board in the fight against ransomware. That’s why education and training is another key element outside of technology to keeping ransomware from getting a foothold. According to the 2021 Verizon Data Breach Investigations Report, 85% of data breaches involve human interaction. Educating individuals, especially remote workers, on spotting suspicious activity and implementing basic security tools and protocols can help build a baseline of defense.

Ransomware isn’t going away anytime soon. It’s a fact of life. But with some cooperation, technology, and education, you can help your organization be prepared for the next attack.

Learn more about Zero Trust solutions from Fortinet that enable organizations to see and control all devices, users, and applications across the entire network.