Vice Society tends to target organizations that have the potential to pay out higher ransoms. To protect against Vice Society and other ransomware groups, companies should consider adopting a defense in depth strategy. Some suggestions for protecting against ransomware from the FBI and CISA include:
• Maintain offline backups of data, and regularly maintain backup and restoration. By instituting this practice, the organization ensures they will not be severely interrupted, and/or only have irretrievable data.
• Ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure. Ensure your backup data is not already infected.
• Review the security posture of third-party vendors and those interconnected with your organization. Ensure all connections between third-party vendors and outside software or hardware are monitored and reviewed for suspicious activity.
• Implement listing policies for applications and remote access that only allow systems to execute known and permitted programs under an established security policy.
• Document and monitor external remote connections. Organizations should document approved solutions for remote management and maintenance, and immediately investigate if an unapproved solution is installed on a workstation.
• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location (i.e., hard drive, storage device, the cloud).
https://therecord.media/ikea-investigating-cyberattacks-on-outlets-in-kuwait-morocco/?web_view=true
https://www.cisa.gov/uscert/ncas/alerts/aa22-249a
