The ransomware attack on Semikron is another example of why organisations need a new approach when it comes to cybersecurity in order to stop both the encryption and leakage of data and files. The German power manufacturer confirmed the attack had partially encrypted their network and LV Ransomware had threatened to leak the data.
Threat actors put decision makers under extreme pressure so that they pay a ransom in order to decrypt their systems and stop the leakage of data. Unfortunately, this method is working. Our research has shown that businesses paid an average of £3 million in ransomware demands, and if threat actors know that this method is working, they will continue to use it.
On top of this, there will be pressure on security teams to get systems back up and running. There will be the stress of trying to figure out where the initial breach happened and the need to secure networks urgently, as well as who has access to their data. It is an awful feeling for any security team to experience and one that should not be accepted by organisations.
Too many businesses accept the “assume breach” mindset and take a reactive approach when dealing with ransomware. However, with attacks continuing to rise, this method is not enough. Organisations should be implementing a prevention-first mindset to stop ransomware attacks before they breach the network. It is time we take a stand against cyber criminals and show that we have had enough.”