Spentra Highlights Ransomware Threat: Important Lessons For The Business World

JAKARTA - Cyber ransomware threats have become increasingly a hot topic of conversation in recent times, after the Temporary National Data Center (PDNS) 2 in Surabaya was attacked by Brain Cipher ransomware.

According to the National Cyber and Crypto Agency (BSSN), the ransomware incident is one of the five largest cybercrime cases handled throughout 2023.

Not only threatening the public sector, ransomware also affects the business world. Based on research from Cyberint, ransomware attacks increased by 55 percent from 2022 to 2023.

This phenomenon further justifies the need for comprehensive cyber protection in various parts of the organization, company, and business.

In response to this, Spentara as a cybersecurity consulting firm focused on penetration testing services, vulnerability discovery, handling of digital incidents and forensics, provided six important steps to protect organizations from similar attacks.

6 Steps To Protect Organizations From Similar Attacks

Implementing Multifactor Authentication (Multi-Factor Authentication/MFA), this is to add a layer of security so that sensitive systems and data can only be accessed by legitimate users.

Conducting patching and updating the system regularly. This step is mandatory, but it is very useful to close security gaps and protect the system from new threats.

Limiting access to various resources through the network. By controlling and limiting access to resources through the network only to users who need it, the attacker's space is increasingly limited to being able to find loopholes.

Implementing the Network Segmentation (Network Segmentation) and Monitoring. This makes it easier for the security team to monitor the activities that occur between these segments, including incoming traffic, to detect and obstruct movement by the attacker.

Implementing Identity Access Management (IAM) as well as Special Access Rights (Privilged Access). Organizations are advised to use a tool that enables management and limits the efficient use of admin accounts to protect the identity and rights of special access.

Implementing data backup procedures and policies. Because what ransomware actors want is for victims to pay a certain amount of ransom to be able to open data, backup aka backup and data restoration can be one way to prevent attackers from achieving their goals.

These steps not only strengthen cyber defense, but also ensure more comprehensive business operational security, said Thomas Gregory, Director of Blue Team Operation of PT Spentera.