Reply To: OCU ISSO Week 4 Lesson 15 Discussion
One of the “more advanced attacks” discussed was ransomware. A more sophisticated type of ransomware is being used to target key and specific data. The agenda of the attackers may not be to take down an organization but to see what data it can steal and sell for the highest price. The attacker determines where the biggest payoff can be found and holds that data for money or ransom. I can think of several cases of this just within the last year or so where the attackers gained access to the data and held it for a high price.
Another “more advanced attack” they discussed was Trusted Third Parties. These kinds of attacks include attacks on our supply chain and the attack on the Microsoft Exchange Server. These kinds of attacks go undetected for a longer period. This kind of malware threat is concerning due to the fact it can go unnoticed for so long. This is a concern because it allows the threat to access more data and possibly steal that data and sell or dispose of it before the company even realizes there is a threat.
A security officer can try to mitigate and minimize the loss of data by making sure the right security policies are in place and, as I mentioned before, making sure those policies and procedures are tested daily. A security officer can also make sure that up-to-date and current firewalls and antivirus software are installed and working properly. Another way to minimize data theft or loss is to make sure only the right people have access to that data and that their credentials are checked and updated regularly.