Ransomware can be a large concern for businesses. Stephen Heath, CTO, TorchLight, helps outline Cisco's seven steps in the ransomware kill chain.
Intro: Ransomware can be a large concern for businesses – it compromises resources critical to operation and locks them in an encrypted environment until a ransom is paid. While every business should be aware of ransomware, not all understand the many steps involved in a full attack. Knowing and identifying the following steps in the ransomware kill chain can help businesses defend against it – and get the right security protocols in place before it happens and impedes business operations.
According to Cisco, there are seven steps in the ransomware kill chain:
Bad: The variety and complexity of the steps in the ransomware kill chain have led to many bad actors specializing in one specific piece (i.e., credential phishers that sell access to other shops, exploit kits for sale, or callback specialization, etc.). Companies must be agile with various solutions in adapting to new and evolving threats.
Good: Managed Detection and Response (MDR), when designed and managed correctly, can provide a comprehensive defense against ransomware, malware, and other types of attacks. Each step in the chain calls for a different security tool (from firewall and intrusion prevention in the target phase; email and web security in the launch phase; and anti-malware later in the process). Reach out to Torchlight and build your business’ comprehensive ransomware protection today.