https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/IoTWorldToday-mobile-logo.png
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Metaverse
  • Development
  • Security
ioti.com

Security


Getty Images

Cybersecurity monitoring

Responding to a Cybersecurity Breach

Automated and rapid response systems are necessary to respond to cybersecurity breaches, which have become more potent each year, while ransomware is now a government-level issue.
  • Written by Callum Cyrus
  • 6th September 2021

While much of the focus is often placed on preventing cyberbreaches, it’s vital to plan for a rapid response once the worst has occurred.

Throughout IT, cybercriminals are exploiting vulnerabilities in record time and have forged ahead off the back of commoditized toolkits made available through the dark web – known as cybercrime-as-a-service.

Ransomware is becoming a thorn in the side of digitization, and each financial quarter it seems is punctuated with reports of a major breach.

Given the scale of the threat, enterprises must prioritize which responses to mount first in case of an attack, according to Dr Pranshu Bajpai, a security researcher commenting as an independent field expert.

“After gaining initial access, ransomware often seek lateral movement to infiltrate deeper into internal environments,” he said.

A glance at the National Institute of Standards and Technology’s database provides little comfort. As of early August 2021, the U.S watchdog and research board had already processed 63 potential new flaws that month, and nearly 1,600 in July.

After a Breach Hits

Responding to a cyber security breach will depend on the Internet of Things (IoT) systems involved, said Jen Ellis, vice president of community and public affairs at cybersecurity analytics, automation and services provider Rapid7.

An assessment might reveal specific units should be put into quarantine or, in especially sensitive breaches, the responder might defer action to avoid alerting an attacker.

Automated incident response systems – orchestrating workflows, evidence and strategies – can handle some workloads as long as the victim had the foresight to invest. According to IBM data cited by Varonis, enterprises that did so saved $1.6 million on average.

Connected functions in the physical world raise the stakes on attacks, with critical infrastructure increasingly put at risk.

IoT also extends cybercriminals’ reach, enabling malicious attacks to move from IoT devices to core IT systems and shelters malware from standardized operating systems, PCs or mobile, where anti-virus tools offer protection. In massive machine-type communications, such as smart power plants or rail networks, whole swathes of infrastructure may need rebooted.

To respond to security breaches where IoT has been substantially affected, research points to increased costs for the victim.  IBM estimated that, in cases involving connected technology, the typical expense rises by $5 for each compromised record.

Ransomware Continues to Run Rampant

Ransomware has been around for decades but it has come to the fore of the global cybersecurity agenda as the financial rewards for attackers have grown, and because victims have few remedies other than to pay.

Data privacy means extortion tactics can now be employed, with the threat of information being leaked into the public domain enough to threaten organizations. The balance has tipped in favor of perpetrators, who will find sanctuary from law enforcement in overseas jurisdictions, argued Rapid7’s Ellis.

Organizations manage to retrieve just 65% of data on average after paying a ransom, according to Palo Alto Networks. Conversely, the amount of ransom paid doubled from 2019 to 2020, from $5 million to $10 million. By way of a response, the Ransomware Task Force which Ellis cochairs has drawn together 48 recommendations, spearheaded by the Institute for Security and Technology and its international peers.

Ellis said the initiative would look to collaborate and spur existing technologies that assist ransomware victims. One partial antidote, already backed by the task force, is the No More Ransom Project, which provides decryption tools for known ransomware attacks and is sponsored by pan-European enforcement agency EUROPOL.

“It can in some cases mean the [victim] doesn’t have to pay the ransom, which solves the initial part of the problem, although the remainder of the recovery process– including assessing all systems accessed in the breach — are still necessary,” Ellis concluded.

Tags: Security News

Related Content


  • Caltech campus
    Robots Could Gain Sense of Touch, With New Artificial Skin
    New design can help businesses determine the presence of hazardous materials, offer greater safety for workers
  • Clearview AI Fined $9.4M Over Facial Data Scraping
    The company was ordered to delete any data it held on U.K. citizens.
  • Microsoft Ramping up Cybersecurity Service Offerings
    Three new managed services will boost the company’s presence in the security space
  • IoT Product Roundup
    IoT Product Roundup: PTC, Nokia, Arm and More
    All the latest Internet of Things products

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest News

  • Unmanned Robotic Combat Vehicle Being Tested
  • Image shows a Close up of lens on black background
    Carnegie Mellon Researchers Invent System to Find Hidden Cameras
  • STMicroelectronics
    STMicroelectronics, Microsoft Partner to Develop IoT Security Solutions
  • Image shows IoT (Internet of Things) concept.
    IoT Product Roundup: Amazon, Synaptics, Urban Control and More

Roundups

View all

IoT Product Roundup: Canonical, InfluxData, Wiliot and More

23rd June 2022

IoT Product Roundup: Cisco, Telit, Draganfly and More

9th June 2022

IoT Deals, Partnerships Roundup: Google, Arm, Senet and More

26th May 2022

White Papers

View all

The Role of Manufacturing Technology in Continuous Improvement Ebook

6th April 2022

IIoT Platform Trends for Manufacturing in 2022

6th April 2022

Latest Videos

View all

AI Summit 2022: easyJet’s Ben Dias on AI in Aerospace

The company’s director of data science and analytics talks about the industry’s use of AI.

AI Summit 2022: Bob Compton, CIO of Mobilize Financial Services

Compton talks about some of the biggest business challenges with AI

E-books

View all

How Remote Access Helps Enterprises Improve IT Service and Employee Satisfaction

12th January 2022

An Integrated Approach to IoT Security

6th November 2020

Webinars

View all

Rethinking the Database in the IoT Era

18th May 2022

Jumpstarting Industrial IoT solutions with an edge data management platform

12th May 2022

AI led Digital Transformation of Manufacturing: Time is NOW

9th December 2021

Special Reports

View all

Omdia’s Smart Home Market Dynamics Report

7th January 2022

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

IoT Security Best Practices for Industry and Enterprise

20th October 2020

Twitter

IoTWorldToday, IoTWorldSeries

IoT Deals and Partnerships Roundup: Sony, Emnify, Nexxiot and more dlvr.it/STBT4j https://t.co/F9miX0gvkV

1st July 2022
IoTWorldToday, IoTWorldSeries

AI Summit 2022: easyJet’s Ben Dias on AI in Aerospace dlvr.it/ST9SXq https://t.co/ZFAoLpy4v5

1st July 2022
IoTWorldToday, IoTWorldSeries

#Selfdriving tech leaders urging @CAgovernor to allow #autonomous trucks to operate in the state. #AVs @Waymo… twitter.com/i/web/status/1…

30th June 2022
IoTWorldToday, IoTWorldSeries

Wimbledon 2022: AI Operations Inside the Control Room  dlvr.it/ST6sQs https://t.co/dXvyIjtuJD

30th June 2022
IoTWorldToday, IoTWorldSeries

AI Summit 2022: Bob Compton, CIO of Mobilize Financial Services dlvr.it/ST4sVs https://t.co/1dq3tbwycl

29th June 2022
IoTWorldToday, IoTWorldSeries

Vodafone Hints at IoT Spinoff dlvr.it/ST46FV https://t.co/5SNxgkK9yN

29th June 2022
IoTWorldToday, IoTWorldSeries

Autonomous Helicopter Takes off in Canada dlvr.it/ST3sPr https://t.co/OA9RA1XJcY

29th June 2022
IoTWorldToday, IoTWorldSeries

AI Summit 2022: AutoTrader’s Nick King dlvr.it/ST3Ylw https://t.co/XgT5qZtme1

29th June 2022

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X