Feb 10, 2023

Security News This Week in 4 Minutes

Authors
Jacob Berry
Security News This Week in 4 Minutes

Hello, and happy Friday! 

This week (week of February 5th, 2023) security and privacy news has been dominated by talks of spy balloons and sanctions on Russian threat groups. But in case you missed it, some other interesting ransomware press was released.

On Thursday, CISA, in conjunction with several domestic and international agencies, issued an advisory noting continued threat from state sponsored ransomware. This week’s publication shared TTPs associated with North Korean actors who are using ransomware to fund state activities. 

On the infrastructure side, Amazon’s AWS team published a blog focusing on ransomware attacks on S3 buckets (large data storage used by most organizations).

We have these kinds of conversations with our customers nearly every day. Organizations are increasing their investment in the cloud to streamline the cost of infrastructure in a slower economy. But many of them are still finding their security footing. Meanwhile, threat actors are ramping up ransomware attacks that result in denied availability of cloud data.

As noted in the above articles, access control and response tools need to be in place for cloud-specific attacks. Here are some quick takeaways:

  • Ensure you’re limiting access to buckets
  • Manage AWS keys and credentials securely
  • Ensure you’re updating and patching infrastructure 
  • Have a cloud response plan specifically for ransomware (not just a general one!)
    – Note, this should include specific work instructions on how to cut off access, how to restore, and how to maintain operations during an incident
  • Ensure you have immutable, virtual air-gapped backups

Clumio offers cloud-native solutions that reduce restore time, and incident friendly features, such as the ability to restore to a different account and region that has not been compromised. These features go beyond what native tools can offer.

For more information on how you can protect your critical data from ransomware in minutes, visit our Ransomware Recovery solutions page. Better yet, get in touch with us for a customized demo.

Before signing off, here is a quick bonus “In the news:” the Supreme Court declined to decide on the scope of attorney-client privilege during cyber incidents. See this article from Data Security Law Blog for an excellent analysis of how counsel should be engaged during an incident.

Enjoy the weekend! 

Jacob Berry
Field CISO, Clumio