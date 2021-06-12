



Yekaterinburg, Russian Federation-June 28, 2017: A computer hacked by a virus known as Petya. Petcha … A ransomware cyberattack that struck computers in Russian and Ukrainian companies on June 27, 2017.

Google details new ransomware threats and best practices to combat them.

Posts created by Phil Venables Vice President and Chief Information Security Officer, Google Cloud and Sunil Potti Vice President / GM, and Google Cloud Security highlight how the challenges and threats of ransomware are evolving. ..

Much of the discussion is focused on Google products, where the author quickly points out the benefits of Google Cloud and other Google software and services, but more broadly, everything that wants to fend off ransomware attacks. Applies to the organization of.

Ransomware encrypts your organization’s files in a basic way, effectively keeping your organization out of your most valuable data. You will then be asked for a ransom to unlock the file.

Look at ransomware: nothing new

The author states that ransomware is not a new threat in the world of computer security. According to Google, attackers with devastating and financial motivations have been around for years, demanding payments to decrypt data and restore access.

Today’s reality shows that these attacks are even more prevalent, affecting critical services such as medical care and gasoline pumping.

Email is not your friend

Google reiterates that all self-respecting cybersecurity professionals can teach you.

Email is at the heart of many ransomware attacks. The authors state that it could be used to phish credentials for unauthorized network access or to distribute ransomware binaries directly.

Chromebook as a defense

The author points out the advantages of Chromebook security. And I can prove this. I own and use a Chromebook and agree that Chrome OS is more secure than Windows and Mac (which I also use).

Chromebooks are designed to protect against phishing and ransomware attacks, have a small on-device footprint, are read-only, and always have an operating system, sandbox, verified boot, safe browsing, and Titan-C security chips. It has been updated, the author writes.

According to the author, deploying ChromeOS devices primarily to browser-working users reduces the attack surface of your organization, including over-reliance on legacy Windows devices that are known to be vulnerable to attacks. I can.

Evolution of threat

The ransomware group, sometimes referred to as double blackmail or triple extortion, is constantly evolving its tactics.

These newly added threats include stealing (and threatening to expose that data) data before encryption and distributed denial of service (DDoS) attacks.

The authors say that some ransomware operators are trying to take advantage of the threat of distributed denial of service (DDoS) attacks on victims’ organizations to further force ransom payments.

In fact, these new tactics are more influential and more influential on criminal organizations trying to extort millions of dollars from their organizations, so they are regular rather than exceptions. ..

5 pillars

The author details what an organization needs.

Pillar # 1-Specific: Understand which cybersecurity risks need to be managed Pillar # 2-Protection: Create safeguards to ensure delivery of critical services and business processes Pillar # 3 Detection: Pillar of Events or Incidents that Defines Continuous Ways to Monitor Your Organization and Identify Potential Cybersecurity Pillar 4 Response: Activate Incident Response Programs Within Your Organization Pillar 5-Recovery: Cyber ​​Resilience Programs and Backup Strategies To construct

Google is immune to news related to ransomware attacks

Although not included in Google posts (for obvious reasons), Google products are also ransomware-related news.

As the Cybersecurity and Infrastructure Security Agency (CISA) explained in an advisory last October, Ryuk ransomware is behind a campaign to send phishing emails with links to Google Drive documents.

At the time, the CISA, FBI, and Department of Health and Human Services were targeting the medical and public health sector with malicious cyberattackers with TrickBot and BazarLoader malware, leading to ransomware attacks, data theft, and disruption of medical services. He said that there are many cases.

The email received by the victim contains a link to an attacker-managed Google Drive document or other free online file hosting solution, usually disguised as a PDF file.

Through phishing emails that link users to Google Docs, malicious actors used fake files to install malware.

In November, Slate described an attack on the University of Vermont Health Network.

