Protecting Businesses from the Ransomware Wave: What to Do Immediately?

A LARGE-SCALE RANSOMWARE ATTACK WAVE IS CURRENTLY UNFOLDING WORLDWIDE, targeting entities across various sectors, including government agencies, businesses, and non-profit organizations.

(As reported by Vietnam Net on November 1, 2023) Every year, hundreds of companies globally fall victim to cybercrime. In the past two months, the United States experienced severe attacks on entertainment company MGM Resorts International and hygiene product manufacturer Clorox. Both entities are still struggling to fully recover from the incidents.

(As reported by Bao Dau Tu on November 18, 2023) The U.S. branch of the Industrial and Commercial Bank of China (ICBC) fell victim to a ransomware attack on Wednesday (November 8), disrupting some of the bank's systems and reportedly impacting liquidity in the U.S. Treasury bond market. This event may have contributed to a market sell-off on Thursday, November 9, 2023. Two weeks earlier, the same hacker group targeted Boeing, stealing a significant amount of sensitive data from the U.S. aircraft manufacturer and threatening to release it on the internet if a ransom was not paid.

In Vietnam, according to statistics from the Information Security Department, in October 2023 alone, the department issued warnings and provided guidance on handling 1,010 cyberattacks causing disruptions to information systems in Vietnam, a 17.9% increase compared to the same period in 2022.
The situation remains serious in November, with several businesses and organizations in Vietnam falling victim to ransomware attacks, causing significant disruptions and damages.

This is a critical time for organizations and businesses to consider, review, and strengthen their cybersecurity capabilities to reduce the risk of attacks and limit the impact if an attack occurs. Below are some suggested measures in this regard:

  • Aim for or comply with cybersecurity standards and frameworks (e.g., ISO 27000, NIST, multi-layered defense models, etc.).
  • Invest in vulnerability management tools, ensuring regular reviews and addressing vulnerabilities in systems.
  • Implement modern multi-factor authentication methods, deploy identity management systems, access control, and privileged account management to protect the continuous operation of IT systems and applications.
  • Back up data or create backup copies (on the cloud or on-premise) along with protection solutions, enabling recovery if the primary data is affected by ransomware.
  • Enhance awareness training on cybersecurity, especially regarding the risks of ransomware attacks.

Based on recent attack cases, a common vulnerability exploited by hackers is weak user authentication (solely relying on passwords). For instance, in the recent attack on MGM Resorts International, the attacker impersonated MGM employees (using personal information gathered from LinkedIn) and called the MGM IT Helpdesk to obtain login information, leading to a system breach and causing damages of up to $100 million. Therefore, one of the recommended solutions is to implement modern multi-factor authentication, biometric authentication, or knowledge-based authentication to resist phishing attacks.

YubiKey Authentication Support Solution: Small Device, Big Benefits!

YubiKey is a security key that supports various modern authentication protocols such as FIDO2, PIV, and provides protection against phishing attacks. YubiKey is used for two-factor authentication (2FA) or passwordless authentication. Utilizing YubiKey is straightforward, with the device supporting multiple authentication methods and connection protocols.

The passwordless YubiKey authentication solution helps mitigate ransomware attacks because:

  • YubiKey enforces two-factor authentication (2FA), requiring two different authentication factors to access an account: a password and the physical YubiKey device. Therefore, stealing or changing a password alone is insufficient to authenticate an account.
  • Prevents remote attacks: Ransomware is often deployed remotely, exploiting security vulnerabilities to infiltrate systems. Using YubiKey adds an extra layer of protection, especially when configured to require physical authentication when accessing the system.
  • Not dependent on passwords: Ransomware often targets password theft; using YubiKey minimizes this risk. Even if a password is exposed or compromised, without the YubiKey, the authentication process cannot be completed.
  • Resistant to impersonation attacks: YubiKey employs encryption and advanced security measures to prevent impersonation attacks. Hackers would need both authentication information and the physical YubiKey to successfully log in, making stealing the YubiKey practically impossible.

HPT has the capability and experience to support organizations and businesses in deploying YubiKey solutions against the threat of ransomware:

  • As an official partner of Yubico, HPT provides YubiKey authentication keys along with integration services into customer IT systems.
  • Offers comprehensive services ranging from integrated solutions, information security, and customer support.
  • Responds to customer requirements flexibly, promptly, and efficiently.

Experience the passwordless YubiKey authentication solution today with the special offer: BUY 10, GET 1 FREE from HPT.

Act now before ransomware holds your data hostage.

>>Learn more about the YubiKey passwordless authentication solution here

HPT is a leading partner providing YubiKey products
Contact HPT now:

Điện thoại: 028 38 266 206