Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo.
Yes, security is hard – no one is ever 100 percent safe from the threats lurking out there. But how is it that time and time again, companies – big companies – are continuing to fall for ransomware attacks? Why aren’t we getting any better at preventing them?
Let’s explore the main reasons why, starting with some basics before getting more in-depth:
- 2FA lags
- User error will never go away
- Outdated AV
- Detection & response delays
- “Living off the land” detection fails
- Cobalt Strike and other legitimate tools repurposed
- Cybercrime collaboration is masterclass
- Public-policy failure & geopolitical problems
- Cryptocurrency fuel

2FA Not Implemented Universally
Two-factor authentication (2FA) is probably the easiest security improvement an organization can implement, and it’s one of the most advocated-for solutions by infosec professionals. Despite this, we continue to see breaches like Colonial Pipeline occur because organizations have either failed to implement 2FA or have failed to *fully* implement it.
Anything that requires a username and password to access should have 2FA