In July 2021, a major IT and security management provider announced they had suffered a supply-chain attack. The breach was especially devastating because the company sells software to multiple managed service providers (MSPs). This meant the impact was far-reaching, infecting clients as well as hundreds of MSPs and their customers — primarily small and medium-sized businesses. Victims could choose to pay the ransom ($45,000 for individual firms and $5 million for MSPs) or ignore the threat and try and rebuild compromised assets through backups. Unfortunately, this was not the only major ransomware event in 2021, as there were 2,690 reported ransomware attacks in 2021 compared to 1,389 in 2020, a 92.7% increase year over year.
With the massive spike in ransomware and other cyberattacks, preparation is key. But how exactly can an organization prepare for such a wide range of incidents across an ever-growing attack surface? The best way is to have your security team practice defending against actual attacks using cyber range training simulations – without risking or impacting production environments. Cyber ranges also allow organizations to assess their cyber defense tools and their team’s ability to scan incoming and outgoing messages for malware, block malicious IP traffic, prevent spam, and thwart unauthorized software from entering and spreading throughout the network.
Organizations can also determine if their backups and existing data recovery tools and procedures will be effective in the event of an attack. Our experience working with security professionals across the globe has shown us that teams using a cyber range platform for realistic cyber-crisis training are better able to detect and respond to advanced threats. They also have a much better understanding of which tools work and which ones don’t.
