top of page

HUESPAPER BY THE NEW HUE

Manila, Philippines

Writer's pictureThe New Hue

The Midgame Strategy Against Digital Threats

Updated: Jul 15, 2022


For us consumers, there is no safer photo than this.


Seeing a table composed by some of the top Chief Information Security Officers (CISOs) in the country to discuss and continue their vision of a safer digital way of life for us shows a progressive society coming to the digital age. Westcon Philippines together with Extrahop held their 2022 CISO Symposium at The Peak, Grand Hyatt in Taguig last night.


As we make our move forward out of this pandemic, digital transformation has been a key aspect of how we changed the way we lived. Hence, we have been accustomed to the new avenues of services that our trusted businesses provide. Along with it, the threat that goes along with it turns digital as well. There have been awareness campaigns for the consumers to be knowledgeable that's been floating around and help minimise the exploits of these digital schemes.


Joyce Lim - Regional Sales Manager of Extrahop


Present in the event was Joyce Lim - Regional Sales Manager, Vallabha Bhat - Business Development Manager, Stephanie Kwok - Senior Marketing Manager and Daniel Chu - Vice President of Systems Engineering of Extrahop who discussed about "The Midgame Strategy".


Daniel Chu - Vice President of Systems Engineering


Being the scheme that gives direct real world impact to both the attacker and victim by extortion, it has easily become the go-to threat for all. A threat that is driven by money by locking your data and disabling your digital life equates to real life effects. Ransomware attacks have become increasingly common with attackers targeting organizations with weak security practices. In fact, a recent survey revealed that 85% of organizations have fallen prey to ransomware in the past five years. And this crime pays: The predicted global cost of ransomware attacks has climbed steeply with a more than 4x increase between 2017 and 2021 to an estimated $20 Billion, and may be up to 265 Billion by 2031.


An excerpt from Extrahop's website stating their piece on how to 'Combat Ransomware in the Midgame'

Modern ransomware is now carried out in a three-part playbook: opening (initial access), midgame (post-compromise), and endgame (extortion cycle). Each stage of the playbook consists of a variety of techniques designed to allow attackers to evade security measures and compromise then gain control over additional assets.
Initial access is where attackers gain a foothold through a wide range of techniques including phishing, exploitation, and drive-by downloads.
Security controls for this phase include firewalls, EDR, email filtering, etc. These tools and controls are designed to prevent the attacker from gaining a foothold in the environment.
The midgame begins when the attacker has compromised at least one device and begins pivoting through the target infrastructure. This is where attackers have the most freedom of action. Attackers will begin reconnaissance of the target network, stealing usernames, setting up persistence mechanisms, and compromising additional systems.
Security policies for this stage include least-privilege user and device permissions, limiting or disabling PowerShell, and device posture assessment tooling. Network architectures should include segmentation and monitoring with security tooling including EDR, NDR, East/West focused IDS, and NAC.
The extortion cycle begins with the launch of the ransomware. At this stage, the attacker has launched their final assault on the target organization. Rapid response at this stage may minimize the damage however it is highly unlikely that mitigation efforts will be entirely successful.
Backups, both online and offline, are critical to the success and speed of recovery operations. Backups should be performed as frequently as possible with regular cold storage backups. This ensures that if the attacker compromises one set of backups, cold storage backups are available to restore from.

The CISO table discussion with Jenny Diamzon-Santos, Country Manager of Westcon Philippines


Also present in the said event was Abet dela Cruz of Security Bank, Alex Bernardino of PLDT to name a few who joined the table for the said event. Westcon Philippines being the host for the said event was also in full force last night headed by their Country Manager - Jenny Diamzon-Santos, Alliance Manager - Roland Moreno, Sales Manager - Beth Ordoñez, Business Manager - Jen Siman and Extrahop's Product Manager - Vino Roque.


For more information on Extrahop, you can visit Westcon Philippines in their Facebook page here.

Comments


bottom of page