In recent years, Australia has seen a growing number of cyberattacks, which have become increasingly sophisticated and malicious. Criminals continuously refine their tactics, making it more challenging to defend against their attacks. One of the most significant threats today is double extortion, which involves threatening to leak a victim’s sensitive files and demanding a ransom payment, a tactic now infamous in Australia.
Almost half of Australian IT leaders (46%) agree that zero trust network access has clear advantages over traditional firewalls and VPNs for securing remote access to applications. Additionally, almost 40% agree that a legacy network security infrastructure makes secure cloud transformation impossible. As businesses in Australia increasingly move their operations to the cloud, there is a growing need for a new approach to cybersecurity that can protect against the latest threats. When a cyberattack occurs, it is crucial to have a plan in place to mitigate the damage and prevent future attacks.
Adversaries are constantly searching for vulnerable targets to penetrate enterprise defences, and in recent years, SaaS applications have emerged as attractive prey. Such apps are designed to facilitate swift file sharing, collaboration, and automation, and as a result, implanted ransomware can easily spread to connected applications and to users’ devices. When misconfigurations exist in SaaS apps, they create dangerous gaps that can extend access to malicious parties looking to infiltrate the enterprise.
Unfortunately, almost no SaaS apps provide native threat protection and the few that do lack the technological sophistication to identify zero-day threats. Organisations need comprehensive defence against the proliferation of malware and ransomware. This requires using a security solution architected for the modern cloud world and capable of defending against malware for any user, device, and app over any network. Organisations must also be able to trust that their solution of choice can defend against any threat, including zero-day ransomware.
Upon successful infiltration of an organisation, cybercriminals typically begin working quickly to appropriate data. Stealing data and threatening its leak is a common strategy for improving the odds of a ransom being paid. Even if companies don’t feel compelled to pay for decryption, the threat of data exposure can be a sufficient incentive. However, for double extortion to be effective, malicious actors must successfully exfiltrate enterprise data.
This is where cloud data loss prevention (DLP) becomes particularly valuable. Leading DLP solutions scrutinise the content and context of outbound files and block their movement where necessary, preventing leakage and disrupting the attack chain.
When deploying and managing a SaaS application, many configuration settings must be applied to ensure that the app functions properly and securely. Where misconfigurations exist, malicious actors can gain access to corporate systems.
There has been an escalation of misconfigurations, which has led to severe organisational crises. It is important that organisations secure their networks and data, emphasising a zero trust architecture.
The Zero Trust approach assumes that every user and device is untrusted until proven otherwise. There has been significant traction in developing this approach. Almost nine in 10 (88%) organisations in Australia migrating to the cloud have implemented or are in the process of implementing a zero trust architecture. This approach has proven particularly valuable during the pandemic, as more employees have been working remotely, and organisations have had to adapt quickly to changing security threats. Only 13% of Australians indicated that a hybrid-work-specific, zero-trust-based infrastructure is already in place, suggesting that organisations are not equipped to manage the security of this highly distributed working environment on a broad scale.
To ensure best practices for protecting Australian businesses’ data, it’s important for organisations to prioritise zero trust architecture, especially in our hybrid working world. Establishing a secure cloud connection and eliminating misconfigurations are vital to combating ransomware and double extortion and protecting the data of Australians.