The link between ransomware and identity security
The trend linking ransomware with identity security has accelerated in recent years. In fact, 60–80% of all security incidents are identity related, according to Paul de Graaf, Senior Identity Strategist with SailPoint. Frustratingly, most of these incidents were preventable.
Why identity theft is rampant
Cybersecurity is frequently antithetical to efficient business operations. Most employees outside the risk, security, and compliance departments are incentivized to move quickly and get work done. This results in sloppy compliance to security requirements and makes them easy targets for hackers.
Organizations are more susceptible than ever:
- Most cybersecurity practices still favor password protection over other forms of identity security and many people dislike clunky, increasingly complex, and frequently changed passwords.
- Bring-your-own-device (BYOD) puts a strain on security teams, exacerbating institutional cybersecurity and compliance challenges.
- Since the COVID-19 pandemic, many senior execs work from home on suboptimal networks or with Amazon Alexa listening nearby
Whose identities are targeted and why
Hackers are smart and know they can penetrate systems through the weakest link. Ransomware attacks increasingly target specific individuals, people with positions of value. CEOs and CFOs and those in senior roles at companies are particularly susceptible to identity theft. With the rise of cloud computing, IT infrastructure and devops staff also make appealing targets.
Storing usernames and passwords within central databases creates a scenario whereby the theft of a particular identity leads to hostage-taking of an entire set of systems. It’s safe to say, ransomware and identity security are inextricably linked, at least for the near term.
Yesterday’s approach to cybersecurity won’t cut it
Back in the day (not so long ago), cybersecurity teams focused on patching vulnerabilities. This approach led to endless patching cycles because teams often didn’t put “cyber hygiene” in place. Similarly, teams fail today to put cyber hygiene in place as it relates to identity security: onboarding, off-boarding, etc. Organizations don’t have clear visibility into who has access to what and what access permissions are granted or appropriate.
Point solutions didn’t work yesterday and they won’t work today.
Creating a structure of success
A necessary step to counteracting rampant identity theft and ransomware attacks comes with establishing good governance. Centralizing access to applications creates process and cost efficiencies but increases vulnerabilities, for example, which can increase cost and decrease efficiencies longer term if hacks occur. It’s important to understand the cost-benefit of access vs. security, which requires analyzing systems, their role, access permissions, and needed security.
Or eliminate the need for analysis. New approaches include “Just-in-Time” access or “Zero Standing Privileges,” giving people access when needed, reducing the attack surface and the risk of ransomware attacks linked to identity theft
Better identity security techniques
There’s some low hanging fruit when it comes to improving security as a whole. Here are a few suggestions:
- Get rid of passwords and use password list capabilities, people like this solution better anyway.
- Leverage artificial intelligence and machine learning capabilities to help manage systems access and keep it up-to-date — there is too much volume for a human to manage at most companies.
- Remove personally identifiable information (PII) from centralized locations using an approach called Zero Knowledge Proof, a cryptographic algorithm by which parties can verify data accuracy, validity without sharing the data itself.
- Leverage biometrics.
These methods give employees and leaders better control over their own identities in the cyber world and also help them access systems securely and quickly from mobile devices or their home computers — something that’s becoming increasingly important in our post-pandemic world.
HeraSoft’s next generation software offers a variety of products and services to improve enterprise cybersecurity.
- HeraVault™ offers distributed cloud storage with built-in replication, error correction and restoration capabilities.
- HeraFlow™, is an AI-Powered threat analysis system for fast and accurate threat data monitoring perfect for high-volume workloads and enterprise-level SOC’s.
- HeraPass™, with inherently fraud proof design, helps businesses innovate user management in IoT environments by achieving the anonymization and encryption of highly-sensitive data.
- HeraStamp™ proof-stamps mission critical data to permanent data stores and can help with data integrity in, for example, ecommerce settings.
To learn more about our enterprise blockchain solutions and how we can reduce your cybersecurity risks , click here