Jim Richberg, field chief information security officer at Fortinet, has said that organizations need to be proactive in protecting disparate networks against end-to-end ransomware threats based on an “as-a-service“ framework.
Richberg wrote in an opinion piece published Monday on GCN that ransomware-as-a-service attacks deploy additional concepts such as "doxing“ to infiltrate encrypted data needed to support critical citizen services.
He noted that agencies must “regularly and automatically“ back-up network data in offsite locations and implement zero-trust procedures such as continuous assessments to ensure that mission-critical functions are not disrupted.
He also recommended agencies to segment their networks, implement forensic analysis for information technology systems, run recovery drills and invest in employee cybersecurity training.
“As cybercriminals expand the RaaS market with new ransomware variants to increase their potential profits, governments must significantly step up efforts to protect agencies, networks, personnel and citizens,“ said Richberg.
“Being smart and proactive in identifying malware and implementing defensive steps is key to improving their odds.“