Data Breaches vs. Ransomware: What’s the Difference?
It is clear that South African organisations are at risk from the same cyber-attacks that affect major global economies. The cyber threat landscape is constantly evolving in order to get around existing defence mechanisms.
Cybercriminals are now using hacking attacks and insider attacks to gain access to endpoints and extract data from within the organisations network – resulting in a data breach. A data breach in which the data is held for ransom is not the same as a Ransomware attack. Ransomware generally restricts access to the data on infected machines until the ransom is paid. A data breach, however, is a security incident in which sensitive or confidential data is copied and stolen from the organisation, it can then be used in a number of ways both for financial gain and to cause harm.
Conventional file-based Ransomware attacks, although still a threat have become somewhat commoditised, and can be contained using execution control found in certain next-generation Endpoint Detection and Response (EDR) technologies.
“There is a distinct shift from cybercriminals using malware and file-based attacks, to sophisticated hacking attacks and insider attacks on an organisations network – that result in data breaches”, says Jeremy Matthews regional Click here to read entire article
Source:: IT News Africa