Ransomware Groups Will Focus on Midmarket Companies in 2023Lou Steinberg of CTM Insights Shares Resilience Strategies for Ransomware Attacks
The number of companies paying ransom declined last year. This is primarily due to an advisory issued by OFAC in September 2021. The FBI's recent takedown of the Hive ransomware group will have near-term and long-term impacts on victims and other ransomware groups like Conti and LockBit.
See Also: Fortify Your Organization against Destructive Cyberattacks
The focus will shift to midmarket companies this year, even as the larger companies get better at defending themselves, says Lou Steinberg, founder and managing partner at CTM Insights.
"The real issue is the technology evolution," Steinberg says. "In ransomware 3.0, [the attacker] will go in and randomly change values in the database, so you won't know what to restore from the backup."
Midmarket companies do not have big budgets for cybersecurity, and they outsource their defenses to MSPs. They are increasingly relying on cloud providers and SaaS solutions.
"But they still need to practice good [cyber] hygiene and do the right things to either prevent or recover from an incident," Steinberg says.
In this video interview with Information Security Media Group, Steinberg discusses:
- The evolving ransomware landscape;
- FBI's takedown of the Hive ransomware group;
- Resilience strategies for ransomware.
Steinberg has been involved with network security and technology innovation throughout his career. Prior to CTM, he was the CTO of TD Ameritrade, where he was responsible for technology innovation, platform architecture, engineering, operations, risk management and cybersecurity.