Ransomware, Supply chain

Ransomware attackers go big-game hunting

For application security in the corporate environment, Keith Hoodlet said ransomware attackers are going big-game hunting.

While attackers will continue to use a VPN from a consumer application as a backdoor to a phone, the application experience director for Thermo Fisher Scientific said threat actors are after a bigger return on their investment. 

Citing the SolarWinds attack or ubiquitously used technologies such as Microsoft’s Outlook or Exchange, Hoodlet likened ransomware groups to predators preying on large organizations during an SC Media eSummit with Executive Editor Jill Aitoro. 

“You're in a defender standpoint where the predators will always evolve faster than the prey,” he said. “The attackers are going after the bigger game and they're catching them — and they're catching them to the millions of dollars. It's crazy.”

Click here to watch the on-demand eSummit: “Integrating Application Security: Reengineering AppSec as a business catalyst”

When it comes to third-party risk, organizations can reduce their risk by simply talking with the security personnel of a vendor, Hoodlet said.

“You can pretty quickly tell the measure of a company in terms of their security posture when you sit down and actually talk with some of their security personnel,” he said. “And if they don't have security personnel, that should send quite a number of alarm bells to you as a consumer.”

Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.