Connect with us

Hi, what are you looking for?

Tech & Science

Holistic approach is needed to defend firms from cyberattacks

This attack exemplifies that one step organizations must maintain an in-depth view of the entirety of their IT estate to help mitigate and prevent cybersecurity risks.

Image by © Tim Sandle
Image by © Tim Sandle

The Lockbit Ransomware gang has taken credit for the ransomware attack on Entrust, a digital security giant. In June 2022, Entrust began notifying customers that they suffered a cyberattack where data was stolen from internal systems.

It appears that the ransomware group attacked Entrust after purchasing access to the corporate network through “network access sellers.”

After further research on network access sellers, it appears that the number of malicious actors offering vulnerable network information have been tripling in the past few years, bringing to light the concerning fact that not only are actors aware of company breaches long before the company itself finds out, but they can use this information to operate an entire underground business, selling these highly sensitive vulnerabilities to malicious purchasers.

Looking into the issue for Digital Journal is Keith Neilson, Technical Evangelist at CloudSphere. Neilson considers why the issue took so long to come to light and what this says about the detection abilities of firms.

Neilson begins by emphasising the importance of establishing a broad overview within a firm to guard against cyberattacks: “It is a concerning realization that businesses’ vulnerabilities are found and secretly extorted long before they are even made aware of these flaws. Without holistic awareness of the company’s IT infrastructure, unknown vulnerabilities such as this one can be found and extorted for the personal gain of the malicious network access purchaser.”

Neilson adds that the primary safeguard is for companies to undertake a root and branch review of their systems and procedures: This attack exemplifies that one step organizations must maintain an in-depth view of the entirety of their IT estate to help mitigate and prevent cybersecurity risks. This requires the implementation of a robust cyber asset management strategy.”

Another important decision relates to the use of technology. However, care must be taken when selecting the appropriate cybersecurity systems. Here Neilson  advises: “When investing in a cyber asset management platform, companies must ensure that it provides comprehensive, real-time observability of their entire IT environment to stay apprised of abnormalities and keep the entire attack surface secure.”

Neilson’s final advice is: “With comprehensive visibility into their entire IT Estate, companies can operate with confidence knowing that they can remediate issues before they are exploited.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

Speaking at the Innovation Week YYC Launch Party, Naheed Nenshi shared his vision for how Alberta can harness its innovation potential.

Life

COVID-19 pandemic did not lead to an excess in suicide mortality in 2020, that does not mean that the pandemic wasn't related, in some...

Entertainment

A scene from ‘The Lord of the Rings: The War of the Rohirrim’ courtesy of Warner Bros. Pictures‘The Lord of the Rings: The War...