Infoblox has published its Quarterly Cyberthreat Intelligence Report for Q2 2021. This report includes the company’s publicly released threat intelligence from April 1, 2021, through June 30, 2021.
An Expanded View of Ransomware
Ransomware is once again front and center in the quarterly threat report. This year has turned out to be one of the worst years for ransomware. Why? Because that’s where the big money is. Large potential return on investment makes ransomware extortion activities highly compelling for threat actors.
Approximately 10 percent of all breaches now involve ransomware. The impact and expense of successful ransomware attacks can be crippling to an organization. The recent attacks on JBS and Colonial Pipeline have once again brought focus to the danger of increasingly sophisticated ransomware campaigns.
The estimated payments in 2020 associated with ransomware have been estimated to be about $370 million in cryptocurrency. Ransomware costs are not just about the ransom payouts. The total damage associated with ransomware is estimated to be much higher than the cryptocurrency payouts—perhaps $20 billion.
The report overviews the ransomware-as-a-service process flow and the primary channels of distribution, as well as provide deep coverage of ransomware campaigns where we have previously done original research. The report includes information on the NIST cybersecurity framework profile for ransomware risk management, and the CISA new ransomware readiness assessment, both published by these government agencies in June of this year.
Core Research on Malware Variants and Trends
The report reviews the new and recently emerged malware variants and trends, how these differ from other variants we have seen in the past, and defensive tactics and best practices that work. Included in the report is coverage of the company’s published research and cyberthreat advisories on the following campaigns:
Guidance on DNS Security
DNS is key to the foundational security stack in the public sector. The NSA and CISA have gone on record in 2021 with guidance recommending that every agency, organization and enterprise leverage the existing DNS protocol and architecture by using a protective DNS (PDNS) service. This information sheet, Selecting a Protective DNS Service, details the benefits and risks of using DNS security and assesses several commercial PDNS providers based on reported capabilities.
Infoblox foundational security using BloxOne Threat Defense provides very comprehensive DNS security capability. Infoblox received 100 percent of the performance score based upon the criteria defined by NSA.
Mohammed Al-Moneer, Regional Director, META Region at Infoblox says, “The Q2 2021 Cyber Threat Intelligence Report provides detailed analysis on the most pressing risks and cyber threats facing business organizations today. For IT security professionals, the report delivers important news on the evolving methodologies and technologies attackers are using to breach defenses. Just as importantly, it details the measures law enforcement is bringing to bear to combat the ransomware wave that’s plagued international businesses and non-profits in recent years. Accurate intelligence about timely, relevant threats enables an organization to make thoughtful, targeted improvements to its defenses and lower its risk.”
The Q2 2021 Quarterly Cyberthreat Intelligence Report can be downloaded here.