It’s always been important to secure your web applications against a wide range of threats, but recently it’s become even more urgent.
That’s because ransomware criminals, whose primary vector of attack has for a long time been email, are increasingly using application-based attacks as the first step in an attack chain leading to the deployment of ransomware in target systems.
Email security strong, app security … less strong
One key reason for this shift from email to app-based ransomware attacks is that increasing numbers of organizations have invested in advanced, AI-driven email security solutions like Barracuda Email Protection. These solutions are very effective in detecting, preventing, and responding rapidly to the kinds of phishing and account-takeover attacks that have long been used to infiltrate ransomware into target networks.
At the same time, a significant number of organizations use only rudimentary application-security — or, even if they invested in full-featured application-security solutions, they have never fully configured them or have failed to update the configuration as they develop and deploy new or updated applications.
This is largely due to the fact that traditional app-security solutions are frankly very complex to configure correctly. Overextended IT security teams often find it simpler to only monitor application traffic without instituting automatic remediation or prevention capabilities. And, of course, DevOps teams are always in a hurry to go live with new apps and can be impatient with complex security audits that delay full production.
The path of least resistance
As a result, there are plenty of vulnerable applications out there that make tempting targets for ransomware crooks, who are nothing if not consummate opportunists. Over the past few years, their attacks had already grown increasingly complex, exploiting multiple vectors in successive stages, creating intricate scenarios that culminate in detonating ransomware. So the fact that they are now using classic application-compromise techniques like SQL injection to initiate ransomware attacks is not surprising. They are simply following the path of least resistance.
Barracuda and AWS e-book
Barracuda and AWS have recently teamed up to produce a new e-book to explain these developments in detail. Read it to get a step-by-step analysis of a typical modern app-based ransomware attack. You’ll also see how Barracuda Web Application Firewall — which you can provision directly from the AWS Marketplace — protects your public-facing apps against all the most sophisticated threat modalities.
And speaking of Barracuda Web Application Firewall, you might be pleasantly surprised to find out that compared to older app security solutions, it’s incredibly simple and fast to configure and deploy. Which means that there’s really no good excuse any more for leaving your applications inadequately protected from the new wave of app-based ransomware.
Tony Burgess is a twenty-year veteran of the IT security industry and is Barracuda’s Senior Copywriter for Content and Customer Marketing. In this role, he researches complex technical subjects and translates findings into clear, useful, human-readable prose.
You can connect with Tony on LinkedIn here.