Secure Your Application Services Against the Evolving Ransomware Threat

  • July 20, 2023

The evolving threat of ransomware

According to NTT DATA's Global Threat Intelligence Report (GTIR) 2023, the world has seen a significant increase in cyber threats, including ransomware. The report notes that web-based application and desktop application threats made up 70% of attacks, indicating a shift in the modus operandi of cybercriminals.

The report also highlights how certain sectors, including Technology, Manufacturing, Transport/Distribution, and the Public Sector, have been particularly targeted due to their integration into infrastructure and supply chains. This increased prevalence has impacted business continuity across these sectors.

The typical modus operandi

Cybercriminals use ransomware to block access to computer systems until they receive a ransom payment. Phishing, remote attacks on public-facing infrastructure and unauthorized remote desktop connections continue to be the primary sources of infiltration for ransomware.

As highlighted by GTIR 2023, they often target applications and related services because of the sensitive data they store. When ransomware encrypts data in an enterprise application, it becomes unusable and inaccessible. Moreover, these attacks are difficult to detect and mitigate because they spread rapidly across enterprise applications, affecting multiple systems and servers. As a result, they often snowball into a large cyber catastrophe. This disruption can lead businesses to suffer significant financial and reputational losses. According to Gartner, the cost of recovery and resulting downtime in the aftermath of a ransomware attack, and the cost of the reputational damage, can amount to 10 times the amount of the ransom itself.*

Proactive measures to prevent and combat ransomware attacks

Modern organizations must adopt a multi-pronged application security approach to address ransomware attacks effectively. These measures include:

  • Data backups: By regularly backing up essential data, businesses can quickly restore it in the event of a ransomware attack.
  • Network segmentation: Dividing networks into smaller segments can help isolate ransomware, preventing it from spreading across the entire network.
  • Employee training: Educating employees on cybersecurity, best practices and raising awareness about ransomware can reduce the chances of a successful attack.
  • Code scanning: Regularly scanning application code for vulnerabilities can help identify potential security risks before they are exploited.
  • Penetration testing: Simulating cyberattacks can help organizations identify weak points in their security infrastructure.
  • Threat analysis: Continuously tracking and analyzing potential threats helps businesses stay informed about the latest ransomware techniques.
  • Zero Trust architecture: Adopt a Zero Trust approach, which assumes no default trust for users or devices. You enhance security by mandating authentication and authorization at every access point.
  • Identity management: Implementing robust identity management solutions makes sure that only authorized users have access to sensitive data, reducing the risk of unauthorized access.
  • Other security protocols: Also, organizations should enforce security protocols such as: Data encryption, Firewalls and Access control policies.

It's crucial for businesses to focus on both prevention and recovery. A successful prevention strategy should remove weak links in an organization's security chain. Recovery best practices involve assessing the environment and identifying critical applications that need rapid recovery to maintain business operations. To safeguard this, essential set, applications should be protected in a secure vault with immutable system backups, protecting the safety and availability of vital data.

Companies must make sure their application services providers follow all required regulations and protocols. Collaborating with providers who include regular security assessments and fortifications at no extra cost can enhance application security and bolster ransomware protection.

Knowledge is power

Safeguarding application services is critical for modern organizations. As application-centric attacks rise, businesses must implement robust security measures and collaborate with experienced providers like NTT DATA. This is particularly important for sectors like Technology, Manufacturing, Transport/Distribution and the Public Sector, which have been identified as the most attacked sectors.

To better understand the evolving landscape of ransomware and other cyberthreats, we highly recommend reading the full 2023 Global Threat Intelligence Report. The report provides a comprehensive overview of the current threat landscape and offers valuable insights that can help you enhance your organization's security posture.

Additionally, contact us today for a consultation or visit our Application Security web page for more information to learn more about how we can help protect your application services.

Don't wait until it's too late. Equip your business with the knowledge and tools needed to combat the evolving threat of ransomware.

* Gartner Inc., How to Prepare for Ransomware Attacks, Published June 16, 2022 - ID G00772397, By Paul Furtado. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.


Subscribe to our blog

Mar’ia Adkisson.png
Mar’ia Adkisson<p>Mar’ia Adkisson has been in the IT industry for nearly 30 years. Mar’ia leads the Application Services portfolio for the Life Sciences and Healthcare industries. She enjoys focusing on opportunity strategy, innovative solutions and transforming client businesses. Before joining NTT DATA, Mar’ia Adkisson served as Vice President of Sales, Business Development and Channel Sales at Windstream, where her teams’ strategy and execution led to significant company growth. Mar’ia enjoys cooking, gardening, reading, snow skiing, waterskiing, and traveling with her husband Duke.</p>
Brian Saucier

Brian Saucier is a Portfolio Specialist with NTT DATA’s Security team. He has nearly 20 years of experience consulting, designing, implementing, operating, and selling enterprise security solutions and enjoys helping clients map their long-term business goals to technology initiatives. Prior to joining NTT DATA, Brian was a director of technology consulting at NTT Security.

Related Blog Posts