New Coalition Aims to Combat Growing Wave of Ransomware Attacks

Ransomware attacks surged in 2020, and criminal groups primarily targeted schools, hospitals, and governments. Now, a California-based nonprofit is creating a ransomware task force to help private sector organizations and governments with recommendations and best practices to respond to ransomware attacks. The group understands that the ransomware threat is too large for any one entity to handle. The task force is made up of several members of the tech and cybersecurity world, including Microsoft, FireEye, and McAfee. The group's formation comes as leaders in the U.S. government have raised concerns about the strength of U.S. cybersecurity. President-elect Joe Biden included over $10 billion in cybersecurity and IT funds in his proposed COVID-19 relief bill. Bennie Thompson, the House of Representatives Homeland Security Committee Chairman, announced that he plans to reintroduce legislation to create a $400 million grant program that would help state and local governments combat cyber issues.

Analyst Notes

Although it is great to see the U.S. government and the private sector working to fight back against ransomware, organizations still need to be aware of current threats and how to protect against them. Get ready for ransomware attacks by constructing a pre-incident preparation strategy that includes backup, asset management, and the restriction of user privileges. Determine whether the organization is ultimately prepared to pay a ransom or not. Implement detection measures by deploying behavioral-anomaly-based detection technologies to identify ransomware attacks. Build post-incident response procedures by training staff and scheduling regular drills. It is also important to have a third-party monitoring service such as the Binary Defense Security Operations Task Force. The Task Force provides a 24/7 monitoring solution for SIEM and Managed Detection and Response (MDR) capabilities to detect and defend against intrusions on an organization’s network.
More information can be found in this article: