Blog

New Ransomware Blueprint Service from ForeNova

Written by ForeNova | October 12, 2021

ForeNova's Attack Surface Blueprint

ForeNovais now offering small and medium-sized businesses a free initial scan and analysis of their IT networkto exposevulnerabilities that attackers could exploit for ransomware attacks with its new Blueprint service. For this analysis,ForeNovaleverages the technology and capabilities of itsNovaCommandnetwork detection and response solution.

After a two-week scan of network traffic,organizations get a picture of theirattack surface andpotentialvulnerabilities they present to hackers for aransomware attack.In addition to the scan, the service pulls in threat intelligence information to create the blueprints.

Afterward,ForeNovaexpertsare availableto explain the results and suggest further action. The experts can create a mitigation planimmediately.Orenterprise IT security teams can use the blueprints to close existing security gaps themselves.

Know what the hackers see: Blueprint vulnerability analysis

ForeNovaRansomware Blueprints are designed topreemptransomware attacks and ultimately deter ransomware gangs looking for weak targets. Blueprints are created quickly and non-invasively. The service provides a complete view of the network environment, including inbound and outbound traffic. It includes the following:

  • Placement of a NovaSensor in the network
  • Non-invasive examination of the network traffic in the enterprise by NovaCommand
  • Transfer of the traffic metadata to Forenova NovaCommand. The content itself is not examined. NovaCommand thus supports compliance with the DSGVO requirements.
  • Overview of the attack surface of the individual company: which assets and applications communicate with each other in the network? Analysis of logs. Targets of incoming and outgoing traffic. Open ports, assets, and systems with older software versions. Possible indications of communication with command-and-control servers.
  • Correlational analysis to detect abnormal traffic.
  • Summary presentation of results in a blueprint of the attack surface.

Based on industry-specific threat intelligence data from tens of thousands of companies, ransomware attacks, and threats, ForeNova has identified three common risk factors:

Internet of Things: Devices connected via IoT, PCs, BYOD hardware are afavouritetarget for attack. Weak passwords, vulnerabilities due to non-updated devices, open ports, and poor management pose a high risk. Ransomware attacks on IoT devices, therefore, increased tremendously in 2020. According to Sonic Wall experts, more than 32 million attacks were recorded in the U.S. alone in the first half of 2021.

Supply chain: Ransomware gangs, which are becoming better and more professionally organized, are increasingly attacking the supply chains on which businesses, industry, and the general public depend more and more. This is because they see them as an easy way to penetrate otherwise highly secured networks. In 2020, according to Sonatype's research, the number of such attacks increased by 430 percent over the previous year. Experts expect another four-fold increase this year.

Employees: They are actually a company's most valuable asset. But the risk posed by the company's own workforce plays a major role due to remote working. In addition, company members can make it easier for ransomware gangs to infiltrate the network if they are not trained and no one is monitoring their IT behavior. The risk they pose, which is often overlooked, is responsible for 60 percent of all unauthorized data access, according to watchdog's research.

"A zero-trust policy is a good start for more ransomware security. But it's not enough to prevent an organization from becoming the next victim of an extortionist attack," said Paul Smit, director of professional services atForeNova. "The future of cybersecurity is not just about having visibility into the entire enterprise network and its supply chain. But in seeing what cybercriminals see. That's what our blueprints show."

Ransomware threatens small and medium-sized businesses. That's because they, in particular, often have gaps in their cyber defenses, making them a worthwhile and easy target for increasingly organized attackers. In the first half of 2021, the number of ransomware attacks increased 151 percent year over year.

Read the press release in German, here.