Ransomware Is at Version 3.0 – Kaspersky Has a Solution in Their XDR Platform

Did you know that ransomware attacks started in 1989? At least, that was the first ransomware attack known to the modern world. It happened towards the end of 1989 and targeted the healthcare industry. And no, it was not just a single healthcare institution that was attacked.

The First Ransomware

It was an industry-wide attack initiated by a Dr. Joseph Popp, a PhD holder and AIDS researcher. He distributed 20,000 floppy disks (diskettes) to AIDS researchers around the world, spanning 90 countries. He claimed that the disks contained a risk analysis program for AIDS via a questionnaire. The program did exist. Alongside it, though, was malware that remained dormant on the PC, which made its source difficult to pinpoint back then. After the PC had been powered on 90 times, the malware locked the PC and displayed a message demanding a payment of US$ 189 and another US$ 379 for a software lease. This, the first ransomware in the world, was called the AIDS Trojan.

The Evolution of Ransomware

In 2020, Ransomware 2.0 became a thing, and Kaspersky saw it. Attacks became even more targeted. Attackers employ threatening tactics that could increase the impact of the attack. They even pressure targets by threatening their public reputations. In that case, attackers can demand an even higher ransom.

In 2022, the world of ransomware evolved again, and you now have Ransomware 3.0, or Lockbit. Instead of just locking the target’s data, attackers now control it. They have the liberty to sell this data to the highest bidders. They can even conduct DDoS or phishing attacks that target the victim’s clients or staff members. Of course, the ransom goes up again. Lockbit has been identified as the most popular ransomware used in at least 115 known attacks in Southeast Asia.

Lockbit is not just used by a single group of attackers, though. Lockbit is a group that also sells its services and ransomware program to other attacking groups. The latest known version of the program is Lockbit 3.0; it is updated regularly to foil early detection and is more targeted than ever before.

We Are NOT Safe

Ransomware is a term that has been thrown around for the past couple of years, but it is a more serious problem than many think, especially with Lockbit 3.0. More ransomware attacks have occurred than we know. Most of them are reported too late as well, meaning the victims have already been attacked and would have to pay the ransom. While the healthcare industry is still one of the most targeted industries for ransomware attacks, the attacks also affect the education sector, the manufacturing sector, and even motorsports. It is a serious problem, not just after you have been targeted, but even before; every one of us is vulnerable.

So how do you prevent an attack, or even foil one? There are a few methods that larger corporations employ that you can work with as well. One of them is to create data backups regularly. You can either get a cloud provider to do that for you or store your backup data on a physical server within your premises. The physical option can cost a lot of money, though; you have been warned.

Kaspersky’s Solution

Kaspersky XDR
Source: Kaspersky

If not, why not just prevent it altogether with an early detection program for your entire digital infrastructure? That is what Kaspersky’s Extended Detection and Response (XDR) program aims to do.

Kaspersky’s XDR program is not just another anti-virus or cyber security program for the masses. It is a highly sophisticated program that should cover all your bases in terms of a system-wide cybersecurity measure. It is a sort of early detection and prevention platform that should offer multi-layered safety nets across your vast digital network.

While it is not a one-stop-shop solution for cyber security, Kaspersky’s XDR aims to cover most of your cybersecurity concerns from a single place. The platform aims to offer more visibility in the user’s cybersecurity network, simplify the processes and programs into a single space, and even foil new threats that are yet to be known to the wider industry. The question is ‘how’?

Kaspersky’s XDR is not just tailored to specific users. It is also a part of a bigger network that they call Kaspersky Security Network (KSN). While most of the data within the network cannot be specifically shared with Kaspersky’s clientele, data collected from each user is used within Kaspersky to form a better understanding of upcoming and occurring threats. That also allows the program to understand threats better across industries and react accordingly based on the data it collected from previous known attacks.

It also simplifies the investigation process by consolidating large volumes of alerts and incident reports into smaller clusters with differing priorities. On top of that, each incident report now comes with context that ensures the information provided is not just relevant, but also important to the investigation. Streamlining the investigation in this way makes it both quicker and more precise. Beyond that, Kaspersky’s XDR offers response options to attacks for better protection in the future. All of these should be accessible from a single interface by Kaspersky as well.

Doing More, Not Less

Again, the Kaspersky XDR platform is not a one-stop-shop or the only cybersecurity solution out there that could prevent the next big ransomware attack in your organization. As of 2023, though, Kaspersky’s platform has prevented the most ransomware attacks in the Southeast Asia region. In 2022 alone, Kaspersky detected and prevented more than 130,000 ransomware attacks in Indonesia.

There are other things, in our opinion, that you should also do to prevent an organization-wide ransomware attack. First, you must be aware, quite obviously. You also want to make sure that you do not respond to suspicious emails, or pick up any random drives and insert them into your work PC. We also recommend that you keep backups of your important data in a few locations, including the cloud, and keep them separate and safe. But you can never be too safe, so having extra layers of security with Kaspersky’s XDR could be the differentiating factor between paying a large ransom and getting through your Monday like any other Monday.

If you are interested in Kaspersky’s XDR program and even other services by Kaspersky, you can visit their website for more information. You can also email them directly for all your inquiries. Or, if you are more concerned with personal protection, you can still go to their website for your own end-point protection plan.