The Increasing Threat of Ransomware 
United States Authorities reported that ransomware payments of approximately $590 million were made during the first six months of 2021, a significant increase compared to the $416 million reported for the whole year of 2020. With the alarming increase in complexity and volume of attacks, the US Department of Homeland Security confirmed that ransomware is a major threat to national security. 2022 will see both an increase in ransomware attacks and more avenues exploited to inflict them. Ransomware-as-a-Service kits are now being bought and leveraged by inexperienced cybercriminals to deploy undetectable attacks across multiple paths.
The Need for AI to Protect Against Ransomware
Traditional security tools can only detect cyber threats using the rules and signatures they know, and are unable to detect new strains of ransomware that are continually being discovered. Organizations must adopt new security technology that identifies emerging threats immediately before any damage is done. Many IT/security teams are too small and busy to keep up with emerging threats, leaving many vulnerabilities open to attack. With BCG reporting that 56% of executives say their cybersecurity analysts are overwhelmed, AI and machine learning are pragmatic, driven by the need to reduce the workload analysts face daily.
Artificial Intelligence (AI) has revolutionized cyber defense by detecting attacks that the human eye cannot, and taking the necessary actions to neutralize the threat. More specifically, AI has revolutionized detection, investigation, and response to cyberattacks. The innovative technology learns a user's behavior over time to recognize threats outside normal human behavior. Since ransomware has the power to encrypt a company's infrastructure in a matter of minutes, a machine-speed response is critical to minimizing the impact.
The Great Resignation will also affect the number of insider threats, as employees may take sensitive information with them to their new positions at other companies, either accidentally or intentionally. DarkReading's recent article surrounding cybersecurity predictions in 2022 stated, "The Great Resignation also indicates an increasing number of disgruntled employees who are more likely to be recruited to intentionally undertake insider threats by cybercriminal syndicates or nation-states". AI offers organizations the technology they need to combat this threat by detecting when employees act in an unusual manner. The technology can automatically take action to prevent them from intentionally or unintentionally engaging in malicious behavior.
Cyber Insurance Increased Requirements
Cyber insurance is increasingly being adopted by companies with the goal of mitigating the financial loss associated with cyberattacks. With the exponential increase of ransomeware attacks over the past year, the need for cyber insurance has correspondingly increased. Chief Insurance Officer, Lori Bailey, stated "In certain industries and certain revenue segments it's not uncommon to see a requirement for cyber insurance before engaging in a contract". With the increase in demand for cyber insurance, providers have tightened their requirements for coverage. Providers want to make sure that companies are doing everything on their side to prevent a cyberattack, "They want to see everything to the detail of what a client is doing to protect their networks or train their employees, to see if they have an incident response plan and so on" Andrea Rebora, cybersecurity associate stated. On top of validating current cybersecurity practices, insurers are now requiring businesses to implement multi-factor authentication (MFA) as well as endpoint detection and response (EDR) before granting coverage.
AI / EDR Technology Available
Darktrace
Darktrace's Self-Learning AI takes Endpoint Detection Response a step further with autonomous detection and response. By learning normal 'patterns of life' for every user and technology in the organization, it is capable of recognized subtle deviations that point to an emerging threat, including never before seen ransomware. Automatically investigating each threat, users can easily identify each affected device along with the full scope of the incident communicated to them. Darktrace Antingena is the only solution that can interrupt the attack at machine speed with surgical precision. This product offers security teams a sense of relief knowing that the business is protected 24/7.
Carbon Black
VMware Carbon Black Enterprise EDR is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. It always provides immediate access to the most complete picture of an attack, significantly reducing the time spent on traditional investigations. Additionally, you are given the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.
Acronis Active Protection
Acronis Active Protection leverages the latest technology to deliver advanced protection against ransomware on all fronts - from external drives and removable devices to mobile devices, desktops and laptops, servers, networks and backups. Integrated into Acronis solutions like Acronis Backup and Acronis Cyber Cloud, you can effectively defend against evolving strains of malware.
As cybercriminal techniques evolve and mature into smarter, more complex attack - we must become more proactive versus reactive. Artificial Intelligence provides organizations an effective and efficient approach to preventing and protecting against ransomware. If you are interested in learning more about these AI or EDR tools we offer, contact us to speak with an engineer.
