Are you psychologically prepared for the Cyber trenches?


The preparation phase of the incident response lifecycle is often associated with technical efforts geared towards better understanding the enemy. However, preparing one's own mind for Cyber D-Day is equally important, if not the most important tool you should be sharpening.


One method which has been instrumental in constantly keeping me in this heightened Cyber preparedness state sees me rotating between these three ransomware victim notification websites daily:

1st: https://www.ransomware.live/

2nd: https://www.ransomlook.io/recent

3rd: https://ransomwatch.telemetry.ltd/#/recentposts

(Always on the hunt for more FREE & PAID sources)


https://www.ransomware.live/ does an excellent job of cataloging new ransomware victims based on the following data points:

-Organization Name

-Country

-Sector/Industry Vertical

-Name of Ransomware Group which led to their compromise

-A custom or AI generated description of the organization

-Revenue (Optional, can be figured out using Google)

--From this information alone with targeted OSINT a wealth of additional information could be sourced about the organization and the extent of the breach details.


The realization becomes clear as day that NO organization is safe from compromise, and it is only a matter of time before your organization or client(s) will appear on the ransomware victims list. One is also left wondering about victims who have been hit, and have managed to hide their compromise from the general public.


There are hundreds (Yes, 100s) of Ransomware Groups operating today in various active or no longer active (dormant) states who have and continue to successfully hold organizations ransom for a disclosed or undisclosed amount of money daily.


Another very impactful feature found on Ransomware Live is the Negotiation Chats. Here you will find communications between the victim and Ransomware Group support staff. As you read these various interactions, the overarching feelings of distress, concern, uncertainty, worry, confusion and urgency (to name a few) are conveyed by the victim. Victims are seen pleading with Cyber criminals to lessen the ransomware amounts, with the sole goal of maintaining availability and continued revenue generation for their organization with haste. Through diving deep enough in these communications I have been able to source a Ransomware Group providing lessons learnt advisory to the victim on what they should do to ensure no recurrence of their successful compromise. The direct root cause for compromise has also been shared with victims once they have paid the ransom on several occasions.


I feel that the allure of money, a fancy job title and public status has introduced individuals into Cyber who simply don't care as much about this job as they should, focused more on short term individual gains to ensure the biggest bang for their buck as they jump to the next organization willing to hire them.

Cyber is a deadly serious career profession, and depending on the industry type you are protecting both human LIVES and LIVELIHOODS which are at stake. I strongly believe having a healthy fear of threat actors and the damage that they can cause is good for you as a Cyber professional. This alone should place you in a constant heightened state of Cyber preparedness where you are forced to keep abreast of the latest:


-Trending Cyber news

-Trending world news events as this often spills over into the Cyber realm

-Feature improvements and enhancements for the IT & Cyber solutions which you use daily

-Known Exploited Vulnerabilities (KEV)

-OTHER


I strongly believe that you owe it to your employer and customer(s) to head into your shift each and every single day in the highest Cyber preparedness state possible, as from that the probability of actively and passively stopping Cyber D-Day events exponentially increases. You are one with the customer's technical landscape, best prepared to connect the dots from seemingly unrelated intelligence which allows for more fluid, contextual True Positive / False Positive verdict decision making, thus "Stopping The Bleeding" or "Containing The Threat" at a much greater speed.


More articles by Chelin Sampson
