This week, CISA, the FBI and the NSA released a joint Cybersecurity Advisory warning of an increase in Conti ransomware attacks.
Robert Golladay, EMEA and APAC Director at Illusive had this to say about the advisory current state of Conti ransomware.
“The escalation in Conti ransomware attacks isn’t surprising. We continue to see it distributed through TrickBot infections. Threat-actors are constantly stepping up their game and improving their tools to increase their success rate. And then sharing what works - they effectively operate a ‘GitHub’ for attackers, sharing code once they've been successful with a technique. Once an attacker is in the network, which inevitably will happen, it won’t take them long to move laterally to target ‘crown jewels.’ At this point it’s too late for companies to save their valuable data and assets. Along with implementing zero-trust, network segmentation and updating operating systems and software, companies should be deploying an ‘Active Defense,’ including deception technology, to catch attackers moving across the network. Any ‘undetected’ movement through the systems will be caught and stopped mid-tracks. This is the most secure way to keep company assets protected and prevent any large scale attacks.”