Forensics Deep Dive: The Importance of Proper Configuration and Monitoring

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

Many of the trends we observed in 2020 continued in 2021. Network intrusions and ransomware continued in full force, representing more than half the incidents we handled last year. Threat actors continued their tried-and-true tactics of encrypting devices and exfiltrating data to extort payments, and also tried new approaches or variations on old ones, like resorting to distributed denial-of-service attacks, contacting company employees to threaten them if ransoms weren’t paid, or looking for new targets in company networks, such as Linux-based systems. And threat actors are also leveraging the data stolen during ransomware incidents for other purposes, like business email compromise and wire transfer fraud.

Organizations didn’t take these challenges lying down. Multifactor authentication (MFA), endpoint detection and response (EDR) tools, immutable backups – we saw more clients than in years past relying on these technologies to combat pervasive cybersecurity threats. But it is not enough to just have the tools – making sure that they are properly configured and monitored is key.

Read more

Explore the site

More from the blog

Latest News