[Thorough survey] How do you take measures against "franchise" and "multiple intimidation" of cyber attacks?｜ Business+it

Solve business issues by combining IT and management

What is business + IT?

Login

E -mail magazine registration

What is business + IT?

営業戦略

コスト削減

組織改革

生産・製造

危機管理

コンプライアンス

省エネ・環境対応

業種・規模別

基幹系

情報系

運用管理

セキュリティ

ネットワーク

モバイル

ハードウェア

開発

Related genre

Contents provided by Cyber Reezen Japan Co., Ltd.

[Thorough survey] How do you take measures against "franchise" and "multiple intimidation" of cyber attacks?

The diversification of work styles accelerates the diversification of work styles, and the digitalization of business by digital transformation (DX) is progressing, while cyber attacks are increasing.In particular, in 2021, the threat of ransomware established by business models such as "double -intimidation type" and "Ransomware as a Service) has emerged.So, let's look back on the threat trends of 2021 from thorough research and research, and look at the cyber threat prediction that can occur in 2022.

Ransomware attack is organized

　2021年もランサムウェア攻撃が猛威をふるった。従来とは異なる攻撃の特徴としては「組織化された攻撃」というポイントが挙げられる。これは、ランサムウェアの開発や標的となるシステムへの侵入、ファイルの暗号化成功後の身代金交渉から仮想通貨の支払いを支援するヘルプデスクに至るまで、各分野の専門家による分業化が進み、「フランチャイズ化された犯行」ということができる。　また、最新のランサムウェアは「多重脅迫型」という特徴も備える。これは、ファイル暗号化の実行前にターゲットの組織の機密情報を抜き取り、何重にもわたる脅迫を行うものだ。2021年5月にランサムウェアの攻撃を受けた米国パイプライン大手のコロニアル・パイプラインの事例では、4回もの脅迫が行われたといわれる。さらに、ランサムウェア攻撃の89％が週末や祝日に実行されるとの調査結果もある。　このように、攻撃前の数週間または数カ月にわたり攻撃が行われている現状に対応するには、単純にランサムウェアを阻止することだけでなく、防御する企業・組織側も攻撃ストーリーを把握し、組織的に対処する体制が必要になっているといえよう。　そこでここからは、2021年に見られた攻撃事例をランサムウェアを中心に振り返りつつ、徹底的な調査と研究から2022年の脅威予測と求められる対策のポイントを見ていこう。この記事の続き ＞＞・身代金を支払った組織のうち80％が「再び攻撃を受けた」？・ランサムウェア攻撃の3つの侵入手段とは・サイバー脅威から情報資産を守るために

This continuation is limited to members

From here on, you can use only those who register for "Business+IT Premium Member" (registration free).

今すぐ登録(無料) Loginする

Please register as a business + IT member now.

All are free!Full of benefits useful for business and IT!

完全無料　ビジネス+IT プレミアム会員のメリットとは？

Related content

How to break away from security measures that "just give a feeling of doing" revealed by Mr. Toshio Nazu

Former Ground Self -Defense Force Commander Cyber Senior Corps Security after Corona, which is said to be "military perspective"

[Thorough survey] How do you take measures against "franchise" and "multiple intimidation" of cyber attacks?

Miyazaki University Case: "It is impossible to prevent 100%invasion" What is security measures after invading heterogeneous OS?

SCSK Case: Introducing speed to 10,000 units in just one month, countermeasures against unknown threats by EDR

JINS Case: To take measures against unknown malware and use advanced alert analysis

JR Freight Case: How to compete with cyber threats increasing in "work style reform" and "visualization of risks"

[Case] What is security measures that FinTech companies meet the strict standards of financial institutions?

The amount of damage is 2 trillion yen, dual intimidation type, etc. evolved ransomware damage and the latest measures

Is cyber insurance effective?Will data return with ransom?The truth of ransomware seen from the survey

Incidents that take an average of 36 days, "4 preparations" to avoid panic of cyber attacks

Because security investment does not become effective because there is no "goal"

From the target "telework", from the vulnerable home to the corporate network ... What are the necessary measures?

今度こそ失敗しない、「MITRE ATT&CK」を活用したセキュリティプロセス作成必勝法

"Cyber Threat Alert in the second half of 2020" analyzed by security experts

The difference between Siem and EDR is easy to understand, and the discussion of "which is better" is meaningless.

Three types of "latest ransomware" that should be noted, lessons and defense measures obtained from the analysis results

"5 companies in common" that succeeded in strengthening endpoint measures, which we found out in the FORRESTER survey

"Cyber threat TOP10" aiming for business mobile, the secret to realizing the optimal endpoint measures