October 12, 2021
New Ransomware Blueprint Service from ForeNova
ForeNova offers a free initial scan of IT network with Network Detection and Response solution NovaCommand
ForeNova's Attack Surface Blueprint
ForeNova is now offering small and medium-sized businesses a free initial scan and analysis of their IT network to expose vulnerabilities that attackers could exploit for ransomware attacks with its new Blueprint service. For this analysis, ForeNova leverages the technology and capabilities of its NovaCommand network detection and response solution.
After a two-week scan of network traffic, organizations get a picture of their attack surface and potential vulnerabilities they present to hackers for a ransomware attack. In addition to the scan, the service pulls in threat intelligence information to create the blueprints.
Afterward, ForeNova experts are available to explain the results and suggest further action. The experts can create a mitigation plan immediately. Or enterprise IT security teams can use the blueprints to close existing security gaps themselves.
Know what the hackers see: Blueprint vulnerability analysis
ForeNova Ransomware Blueprints are designed to preempt ransomware attacks and ultimately deter ransomware gangs looking for weak targets. Blueprints are created quickly and non-invasively. The service provides a complete view of the network environment, including inbound and outbound traffic. It includes the following:
- Placement of a NovaSensor in the network
- Non-invasive examination of the network traffic in the enterprise by NovaCommand
- Transfer of the traffic metadata to Forenova NovaCommand. The content itself is not examined. NovaCommand thus supports compliance with the DSGVO requirements.
- Overview of the attack surface of the individual company: which assets and applications communicate with each other in the network? Analysis of logs. Targets of incoming and outgoing traffic. Open ports, assets, and systems with older software versions. Possible indications of communication with command-and-control servers.
- Correlational analysis to detect abnormal traffic.
- Summary presentation of results in a blueprint of the attack surface.
Based on industry-specific threat intelligence data from tens of thousands of companies, ransomware attacks, and threats, ForeNova has identified three common risk factors:
Internet of Things: Devices connected via IoT, PCs, BYOD hardware are a favourite target for attack. Weak passwords, vulnerabilities due to non-updated devices, open ports, and poor management pose a high risk. Ransomware attacks on IoT devices, therefore, increased tremendously in 2020. According to Sonic Wall experts, more than 32 million attacks were recorded in the U.S. alone in the first half of 2021.
Supply chain: Ransomware gangs, which are becoming better and more professionally organized, are increasingly attacking the supply chains on which businesses, industry, and the general public depend more and more. This is because they see them as an easy way to penetrate otherwise highly secured networks. In 2020, according to Sonatype's research, the number of such attacks increased by 430 percent over the previous year. Experts expect another four-fold increase this year.
Employees: They are actually a company's most valuable asset. But the risk posed by the company's own workforce plays a major role due to remote working. In addition, company members can make it easier for ransomware gangs to infiltrate the network if they are not trained and no one is monitoring their IT behavior. The risk they pose, which is often overlooked, is responsible for 60 percent of all unauthorized data access, according to watchdog's research.
"A zero-trust policy is a good start for more ransomware security. But it's not enough to prevent an organization from becoming the next victim of an extortionist attack," said Paul Smit, director of professional services at ForeNova. "The future of cybersecurity is not just about having visibility into the entire enterprise network and its supply chain. But in seeing what cybercriminals see. That's what our blueprints show."
Ransomware threatens small and medium-sized businesses. That's because they, in particular, often have gaps in their cyber defenses, making them a worthwhile and easy target for increasingly organized attackers. In the first half of 2021, the number of ransomware attacks increased 151 percent year over year.
Read the press release in German, here.