Ransomware Prevention and Recovery Roadmap Solution

Solutions to prevent and protect your business from ransomware

Storcom's Ransomware Prevention and Recovery Roadmap™


There is a common misconception surrounding ransomware. The true damage of ransomware isn’t limited to paying a ransom to retrieve data. Ransomware’s total costs include damage, destruction, and loss of data, downtime, lost productivity, disruption to normal business operations after an attack, cyber-forensic investigation, restoring and deleting hostage data and systems, harm to an organization’s reputation and brand, and cybersecurity training for employees as a direct response to the ransomware attack. Executives across the globe are beginning to come to the consensus that ransomware and cybercrimes are the biggest threat to businesses in this digital age.

Many companies end up paying a hefty ransom after being infected with ransomware simply because they don’t have a ransomware mitigation strategy in place before an attack occurs. We can help you with Storcom’s Ransomware Prevention and Recovery Roadmap™. Storcom can also help mitigate the damage caused by ransomware attacks. We are a high-touch services provider, which means that we walk you through all of the potential outcomes before a ransomware attack and also help you create a game plan to protect your data if a worst-case scenario occurs. In the event of an attack, Storcom can also help you recover your data safely and securely. We understand the financial and operational effects of ransomware, and we don’t want your business to miss a beat due to malware or ransomware.

Storcom’s Ransomware Prevention and Recovery Roadmap™ Process

We start by consulting with you on your goals and conducting a deep dive on your business to understand your company’s specific needs.


Analysis

Next, we assess for gaps in your systems where malware can gain access. We also identify the possibilities of data recovery in the event of a ransomware attack.


Roadmap

Finally, we recommend a roadmap on how to prevent ransomware attacks from occurring.  In addition, we provide ways to recover your data in the event of being infected with ransomware. We leverage best-in-class technologies that fit your needs to ensure your data’s protection in the future.

The Vast Majority of SMBs are Not Prepared for a Ransomware Attack

Don’t let your data fall into the wrong hands. Storcom’s 20-year track record of protecting businesses provides the assurance of reduced risk of downtime due to malware. Executives can stay ahead of the IT curve when partnering with Storcom knowing that their data is secure and protected, and they have peace of mind with Storcom at the helm. If a company’s goal is to safely back up and recover their data before or after a malware or ransomware attack, then Storcom guides our clients through the complicated process with our Ransomware Prevention and Recovery Roadmap™ solution.

Storcom and Carbon Black Infographic


Data Protection Strategy for Large Non-Profit

Implemented a robust data protection strategy for large Chicago-based non-profit after they suffered downtime from ransomware.


DR/BC Strategy Implementation for Architectural Firm

Implemented a full DR and BC strategy for a large Chicago-based architectural firm.


Ransomware Prevention and Recovery Roadmap™ Infographic

View Storcom’s Ransomware Prevention and Recovery Roadmap™ Infographic.


Recover By Storcom™ Infographic

Let Storcom keep you afloat after a critical loss. View the Recover By Storcom Infographic.


Notable Information About Storcom's ransomware protection solution

  • Storcom has teamed with industry leaders and best-in-class partners to provide turnkey solutions to deliver data protection as-a-service at a cost that makes sense for any business size.
  • Storcom’s solutions are built on the foundation of service-oriented infrastructure.
  • Customers can use Storcom’s private cloud to backup and store their data, or we can simply help you manage on-prem within your own data centers to leverage existing infrastructure.
  • Storcom provides a data recovery solution to solve all common business challenges as they relate to off-site data retention and disaster and malware recovery.
  • We don’t treat all data as equal; operational recovery is vastly different from the formula of traditional data backup and recovery.
  • Storcom’s Ransomware Prevention and Recovery Roadmap™ solution provides a set of tools to give your team insight into capabilities to keep your business running in the event of a ransomware attack and how to prevent it in the first place.

Technical Details of Storcom’s Ransomware Prevention and Recovery Roadmap™ Strategy

Discovery

Storcom will consult with you on your goals and assess the risk associated with your business in order to implement a successful pathway to data security and protection.

  • Data Protection
    • What level of granularity can data be restored to?
      • RPO
      • RTO
    • How are servers and data being protected?
  • Human Attack Vectors
    • Security awareness training
  • Machine Attack Vectors
    • Security awareness training
  • Current patching automation process
  • What kind of air-gap protection is available?
  • What malware end-point technology is in place today?
  • Current Security Model
    • Site Blocking
    • Cryptojacking Protection
    • Deep Packet Inspection capabilities
    • Mobile Device Protection for Apple and Android
  • External Connectivity
    •  WAN
    •  Internet
    • Data Exchange

Analysis 

Next, Storcom not only evaluates proactive measures but also identifies all the possibilities of data recovery in the event of a ransomware infection. This includes looking at your overall strategy today to target vulnerabilities, as well as how to address the gaps in that strategy which leave your organization vulnerable:

  • What happens before, during, and after an attack as it applies to current threats and current options to protect against attacks.
  • Remediation Strategy
  • Proactive Strategy
    • Time and man-hours getting back online
    • Responsibilities to shareholders to keep the business up and running
    • Safety of customers and employees
    • Ransomware payment options
    • Insurance options for ransomware/malware

Ransomware Prevention and Recovery Roadmap™ (RPRR) Deliverable

Finally, Storcom will create your Ransomware Prevention and Recovery Roadmap™:

  • Proactive ransomware defense strategy
  • What to do if you get infected with ransomware
  • Address major gaps with appropriate technology
  • How to keep up with ransomware protection

In addition, Storcom can implement our Ransomware Prevention and Recovery Roadmap™ and act as your vDPOptimizer (Virtual Data Protection Officer) in order to give you peace of mind that your data is safe and secure in our capable hands.

Questions You Should Ask Yourself About Ransomware

Do I Have a Ransomware Recovery Plan?

If your company does not have a plan in place to recover files and data after a ransomware attack, then Storcom can help you develop a Ransomware Prevention and Recovery Roadmap™ to help you prepare for and prevent an infection.

Can I Afford a Ransomware Attack?

Most small businesses cannot afford a ransomware attack. With the average ransom payment being $133,000, ransomware is a risk that is best avoided and prevented whenever possible. On top of this, an unquantifiable amount of money is lost due to ransomware tarnishing a company’s reputation.

How Long Can My Company Operate if Our Data is Infected?

Most companies cannot operate during a ransomware attack if their files or computers have been locked. Entire systems and critical files are rendered inaccessible and most organizations struggle to keep operations afloat.

Are My Employees Sufficiently Trained in Cybersecurity Threats?

The vast majority of security professionals and CEOs do not feel like their IT teams are sufficiently trained in preventing a cybersecurity threat.  This poses an overall problem when trying to train the general employee population on how to avoid being hit with a ransomware or malware attack. Storcom believes that cybersecurity training is paramount to organizations, and is a company’s first true line of defense in preventing an attack in the first place.

Notable Ways to Prevent Ransomware Attacks

Storcom’s Ransomware Prevention and Recovery Roadmap™ can help our clients protect their companies from ransomware by walking them through the process to achieve the following:

  • Installing active and up-to-date endpoint protection, antivirus, or anti-malware software solutions.
  • Deploying a storage solution that implements point-in-time copies.
  • Installing anti-data encryptors, which can prevent malware from blocking your access to your data.
  • Installing anti-spam, which is paramount for reducing an organization’s exposure to email-borne threats like suspicious links, infected downloads, malicious downloads, malware-filled websites, etc.
  • Installing backup storage solutions for your files either in a cloud or on-prem.
  • Promoting malware awareness and security training to help your company’s employees recognize the types of emails to avoid and which websites are safe to visit. Cybersecurity training for employees is paramount in preventing a ransomware attack in the first place.
  • Considering ransomware/malware insurance to protect your company in the event of a cyber attack.
  • Running cyberattack simulations to execute and test the security strategies that are in place in a safe and secure manner.

Notable Statistics on Ransomware in 2020

Almost all companies (93%) that have experienced data loss coupled with prolonged downtime of ten or more days have filed for bankruptcy within twelve months of the incident; 50% filed for bankruptcy immediately; and 43% of companies with no data recovery and business continuity plan go out of business following a major data loss.

  • Ransomware attacks cost businesses an average of $133,000 in work and data loss and recovery time.
  • $4.6 million: Average cost to recover from a cyberattack for organizations with more than $1 billion in revenue.
  • Small businesses lose close to $2 billion each year due to ransomware.
  • A new company will fall victim to ransomware every 11 seconds by 2021.
  • Nearly half of ransomware viruses are distributed by email.
  • Nearly 70% of businesses pay a ransom when attacked with ransomware.
  • 1.5 million phishing sites are created every single month.
  • 98% of ransom payments are made in the form of Bitcoin; however, less than 1% of executives know how to use Bitcoin.
  • Attacks are increasing at a rate of 350% annually, and malware is becoming more sophisticated with time.
  • American businesses are the hardest-hit: nearly 80% of all ransomware affected businesses in the United States.
  • 41% of companies faced legal action after a security breach.
  • 35% of companies reported brand reputation loss after a ransomware attack.

List of Ransomware in 2020

There are many different forms of ransomware. Since 2005, the number of types of ransomware has increased exponentially. Here is a list of known ransomware being used today:

.CryptoHasYou., 7ev3n, Alpha Ransomware, AutoLocky, Bandarchor, BitCryptor, Booyah, Brazilian, BrLock, Browlock, Bucbi, BuyUnlockCode, Cerber, Chimera, Chinese Ransom, CoinVault, Coverton, Cryaki, Crybola, Cryptear, CryptFIle2, CryptInfinite, CryptoDefense, CryptoHost, CryptoJoker, CryptoLocker, CryptoMix, CryptoTorLocker2015, CryptoWall, CryptXXX, CryptXXX 2.0, CTB-Locker, CTB-Locker WEB, DeCrypt Protect, DMALocker, DMALocker 3.0, EDA2 / HiddenTear, El-Polocker, Enigma, Fakben, Fury, Gomasom, Gopher, Harasom, Hi Buddy!, HydraCrypt, iLock, iLockLight, Jigsaw, Job Crypter, JobCrypter, KeRanger, KeyBTC, KEYHolder, KimcilWare, KryptoLocker, LeChiffre, Linux.Encoder, Locker, Locky, Lortok, LowLevel04, Mabouia, Magic, MaktubLocker, MireWare, MM Locker, Mobef, NanoLocker, Nemucod, Offline ransomware, OMG! Ransomware, Operation Global III, PClock, Petya, PowerWare, RaaS, Radamant, Rakhni, Rannoh, Ransom32, Rector, RemindMe, Rokku, Samas-Samsam, Sanction, Scraper, SkidLocker / Pompous, Sport, Strictor, Surprise, SynoLocker, TeslaCrypt 0.x – 2.2.0, TeslaCrypt 3.0+, TeslaCrypt 4.1A, TeslaCrypt 4.2, TorrentLocker, Troldesh, TrueCrypter, UmbreCrypt, VaultCrypt, Virus-Encoder, Xorist, XRTN, Zlader / Russian, TorrentLocker, TeslaCrypt, WannaCry, ZCryptor, LockerGoga, Locky, Gpcode, TROJ.RANSOM.A, Archiveus, Krotten, Cryzip,  CryptoWall, Cryakl, Scatter, Mor, CTB-Locker, TorrentLocker, Fury, Lortok, Aura, Shade, MayArchive, NotPetya, Petya, Spider, SimpleLocker, SamSam, Ryuck, Reveton, CTB-Locker, Bitcryptor, CoinVault, and KeRanger, GandCrab.

Known List of Ransomware Extensions in 2020

In the early days of ransomware attacks, .doc, .jpg, .xls, .pdf, and .zip were the most commonly used extensions for transmitting malware. Nowadays, cybercriminals target files that are critical to businesses, such as database, SQL, CAD, website, virtual desktop, cloud, and tax-related files. Many different extensions are being used today to transmit malware and ransomware. Some examples include:

.R5A, .R4A, .encrypt, .locky, .clf, .lock, .cerber, .crypt, .txt, .clf, .coverton, .enigma, .czvxce, .{CRYPTENDBLACKDC}, .scl, .crinf, .crjoker, .encrypted, .code, .CryptoTorLocker2015!, .ctbl, .html, .locked, .ha3, .cry, .crime, .btc, .kkk, .fun, .gws, .keybtc@inbox_com, .kimcilware, .LeChiffre, .locky, oor., .magic, .KEYZ, .KEYH0LES, .crypted, .cbf, .LOL!, .OMG!, .EXE, .RDM, .RRK, .RADAMANT, .kraken, .darkness, .nochance, .oshit, .oplata@qq_com, .relock@qq_com, .crypto, .helpdecrypt@ukr.net, .pizda@qq_com, .dyatel@qq_com, _ryp, .nalog@qq_com, .chifrator@qq_com, .gruzin@qq_com, .troyancoder@qq_com, .AES256, .enc, .hb15, .vscrypt, .infected, .bloc, .korrektor, .remind, .rokku, .encryptedAES, .encryptedRSA, .encedRSA, .justbtcwillhelpyou, .btcbtcbtc, .btc-help-you, .only-we_can-help_you, .sanction, .sport, .surprise, .vvv, .ecc, .exx, .ezz, .abc, .aaa, .zzz, .xyz, .micro, .xxx, .ttt, .mp3, .better_call_saul, .xtbl, .vault, .xort, .trun, .CrySiS, .EnCiPhErEd, .73i87A, .p5tkjw, .PoAr2w, .xrtn, .bitcoinrush@aol.com.xtbl, centurion_legion@aol.com.xtbl.ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .encrypted, .locked, .crypto, .crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM, .RRK, .encryptedRSA, .crjoker, .EnCiPhErEd, .LeChiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .HA3, .toxcrypt, .magic, .SUPERCRYPT, .CTBL, .CTB2, .locky or 6-7 length extension consisting of random characters.

SAVE MONEY USING OUR DISASTER RECOVERY SERVICES


Learn how you can save money on backing up your precious data with Storcom. Storcom’s Ransomware Prevention and Recovery Roadmap™ solution can save your business thousands in the event of a disaster. While you may not be able to foresee an accident or a ransomware attack, you can rest assured that your critical data is safe with Storcom.

Estimated monthly cost by amount of data storage:

  • 2TB: $558 / month
  • 4TB: $1,116 / month
  • 6TB: $1,674 / month
  • 8TB: $2,232 / month
  • 10TB: $2,790 / month
  • 12TB: $3,348 / month
  • 14TB: $3,906 / month

STORCOM’S SERVICES KEEP YOUR BUSINESS RUNNING


Storcom can alleviate your concerns across the spectrum of information technology. We can create, design, and implement innovative solutions to keep your business operational and performing at its best.

  • 99.999% Uptime
  • 100% Successful Disaster Recoveries
  • 112 Evolved Businesses

Ransomware FAQs

Learn more about ransomware with Storcom’s comprehensive library of definitions and Frequently Asked Questions.

What are the Different Types of Hacking?

Hackers can access your passwords in a multitude of different ways. The most common methods are shoulder surfing, social engineering, dictionary attacks, and simply attempting to guess passwords from information about the user that’s available to them. Email hijacking is widespread. It has become increasingly common for hackers, spammers, and social engineers to take control of people’s email accounts (and other communication accounts). Once they control an email account, they prey on the trust of the person’s contacts. Be sure that you protect yourself by being diligent.

We are a Small Company So Why Do We Need to Protect Against Ransomware?

Ransomware is a major security threat to all businesses and individuals. Ransomware doesn’t discriminate on organization size.

Contrary to popular belief, large companies are not the only targets of ransomware and small-to-mid enterprises are not immune to attacks. Small businesses lose close to $1 billion each year due to ransomware and that number is growing rapidly. Small businesses are not able to sustain prolonged downtime, regulatory fines, or a blow to their reputation. Not to worry, Storcom can help protect or recover our clients’ data.

How Do I Reduce the Risk of Ransomware Attacks?

The first step to reduce the risk of a ransomware infection is to install endpoint protection software. Endpoint protection software differs from antivirus software since it protects every endpoint that a company has instead of just a single device. This includes protecting your Cloud, servers, network, desktops and laptops, smartphones, tablets, and other IoT devices from cyber attacks. This is your company’s first line of defense against ransomware.

Next, organizations need to ensure that all of their data is backed up either in the Cloud, in a data center, or on their premises. This will help expedite the data recovery process in the event of a ransomware attack.

Storcom’s Ransomware Prevention and Recovery Roadmap™ enables companies to understand their options with endpoint protection software and backup solutions and offerings. Next, companies need to train their employees on cybersecurity threats. Companies who have implemented training on ransomware and malware are statistically less likely to be infected.

How Long Does it Take to Recover from Ransomware?

Ransomware is a very serious problem, but you can recover with Storcom.

Removing ransomware and malware can be an extremely difficult and time-consuming chore that most companies do not have the internal resources to complete successfully. The timeframe of ransomware mitigation can vary greatly depending upon a number of factors. These factors include: company size, scope of the data that has been compromised, whether or not your servers have been impacted, whether or not your business has ransomware insurance coverage, and a variety of different scenarios that Storcom would discover and analyze when creating your Ransomware Prevention and Recovery Roadmap™.

How Do I Remove Ransomware?

Storcom’s team of experts can walk you through a data recovery strategy in order to regain access to your valuable data and information with our Ransomware Prevention and Recovery Roadmap™.

How Does Ransomware Spread?

80% of ransomware spreads via email; however, an unsuspecting victim can become infected by visiting malicious websites and other methods. A person can download a file or open an attachment that has been compromised with malware. People are also often infected by malvertising, which is malicious advertising. Malvertising requires little or no interaction from the user, which makes it especially dangerous to businesses. Once malware is in your equipment or servers, then your computer screen may be locked (locker ransomware) or predetermined high-value files like spreadsheets and documents may be encrypted and rendered inaccessible by the virus (crypto locker ransomware).

What Do I Do in the Event of a Ransomware Attack?

Besides calling Storcom’s Ransomware Recovery team of experts, businesses need to follow their ransomware removal protocol after they have been impacted by ransomware. If your organization does not have a plan in place, then Storcom can help you create your own Ransomware Prevention and Recovery Roadmap™ prior to a ransomware attack. Ransomware prevention is key since data protection is high on the list of every IT executive and CEO’s business continuity strategy.

What are the Types of Ransomware?

There are two types of ransomware being used today. The first, and most common, is crypto ransomware which encrypts personal files and data. The second is locker ransomware which is designed to lock a user’s computer in order to prevent victims from using it. Users may see an image on the screen or instructions that demand a ransom payment in order to decrypt and restore their data.

Who Does Ransomware Affect?

Ransomware affects individuals, small businesses, international conglomerates, non-profit agencies, hospitals, schools, manufacturers, infrastructure and transportation providers, and churches. Basically, anyone can be a victim of a ransomware attack. No industry or sector is immune to ransomware or malware.

WE HAVE UNIQUE PARTNERS THAT SPECIALIZE IN RANSOMWARE PROTECTION


Storcom partners with best-in-class and emerging technology providers to enable our clients to stay on the cutting edge of information technology.

Partners: Cisco, Checkpoint, Dell EMC, Fortinet, HPE, Juniper Networks, Pure Storage, RSA, Thales.

RELATED SERVICES


Learn more about the other IT solutions and services that Storcom provides. 

Systems Architecture Solutions

IT Strategy Solutions

Data Center Consolidation Services

Cloud Migration Solutions

Cloud Enablement Strategy Solutions

Ransomware Insights and News

Learn more about the news and trends in ransomware protection, prevention, and remediation. 

Ransomware Recovery and Prevention Roadmap

Learn how to protect your data from ransomware with Storcom’s Ransomware Recovery and Prevention Roadmap solution. 

Veeam + Storcom: Top 6 Reasons Why You Need an Office 365 Backup

Many people ask “why do I need to backup my Microsoft O365 data?” Well, simply put, backing up your data is your responsibility…not Microsoft’s. 

Veeam and Storcom Ransomware Prevention and Protection in 2021 Webinar

What is Ransomware? What is the History of Ransomware? How is Ransomware Evolving in 2021? How Can I Prevent and Protect My Business Against a …

How An Image Could’ve Let Attackers Hack Microsoft Teams Accounts

Microsoft has patched a worm-like vulnerability in its Teams workplace video chat and collaboration platform that could have allowed attackers to take over an organization's entire roster of Teams accounts just by sending participants a malicious link to an innocent-looking image. The flaw, impacting both desktop and web versions of the app, was discovered by cybersecurity researchers at CyberArk. After the findings were responsibly disclosed on March 23, Microsoft patched the…

Maze Ransomware – What You Need to Know

What’s this Maze thing I keep hearing about? Maze is a particularly sophisticated strain of Windows ransomware that has hit companies and organizations around the world and demanded that a cryptocurrency payment be made in exchange for the safe recovery of encrypted data. There’s been plenty of ransomware before. What makes Maze so special? Like other ransomware seen in the past, Maze can spread across a corporate network, infect computers it finds and encrypts data so it cannot be access…

Legions of cybersecurity volunteers rally to protect hospitals during COVID-19 crisis

Last month, some of the usual cast of online scammers and malware miscreants promised to refrain from attacking healthcare organizations or exploiting them during the COVID-19 crisis, showing a sense of honor unexpected from ransomware attackers and cryptocurrency thieves. However, this ceasefire turned out to be a head-fake. Within a week of those vows, malware purveyors and con artists rushed to send out phishing emails while masquerading as healthcare organizations and even launched attack…

Pharming explained: How attackers use fake websites to steal data

A pharming attack tries to redirect a website's traffic to a fake website controlled by the attacker, usually for the purpose of collecting sensitive information from victims or installing malware on their machines. Attackers tend to focus on creating look-alike ecommerce and digital banking websites to harvest credentials and payment card information. These attacks manipulate information on the victim’s machine or compromise the DNS server and rerouting traffic, the latter of which is much h…

46% of SMBs have been targeted by ransomware, 73% have paid the ransom

Ransomware attacks are not at all unusual in the SMB community, as 46% of these businesses have been victims. And 73% of those SMBs that have been the targets of ransomware attacks actually have paid a ransom, Infrascale reveals. Yet, more than a quarter of the total SMB survey group said they lack a plan to mitigate a ransomware attack. And nearly a fifth of the total group said they feel their organization is unprepared for a ransomware attack. The research is based on a survey of more…

Ransomware gangs are changing targets again. That could make them even more of a threat

The coronavirus pandemic has forced most organisations to rethink how they work. And it appears now that even cybercrooks and ransomware gangs are having to adapt their behaviour to adjust to the ongoing virus crisis. Phishing attacks using coronavirus as a lure have grown rapidly in recent months as malicious hackers look to use it as a means of tricking victims into giving up usernames and passwords, personal information and bank details. And there is some evidence that ransomware grou…

Kaspersky report: Nearly half of employees don’t know how to respond to ransomware attacks

Despite the threat of ransomware being at an all-time high, a recent report from cybersecurity firm Kaspersky says that 45 per cent of employees in the U.S and Canada wouldn’t know how to respond to a ransomware attack. Thirty-seven per cent don’t even know what it is. Ransomware, characterized by attackers blocking access to critical data or services (usually through strong encryption) and demanding the victim to pay a ransom to regain access, can have devastating consequences. The report fro…

Deal with ransomware the way police deal with hostage situations — GCN

By Scott Shackelford, Megan Wade, Mar 30, 2020. When faced with a ransomware attack, a person or company or government agency finds its digital data encrypted by an unknown person, and then gets a demand for a ransom. As that type of digital hijacking has become more common in recent years, there have been two major ways people have chosen to respond: pay the ransom, which can be in the hundreds of thousands of dollars, or hire comput…

The Week in Ransomware – April 24th 2020 – High Profile Attacks

There was not a lot of new variants released this week, but we did have some attacks on high profile victims. This past weekend it came to light that IT service giant Cognizant suffered a Maze Ransomware attack. Strangely, while Cognizant is stating it was Maze, the ransomware operators are denying it. DoppelPaymer also started to leak data for the City of Torrance in California who was attacked on March 1st. Other than that, we have seen a few new variants released this week and the u…

Ransomware attacks see 148% surge amid COVID-19

It's well-documented that threat actors will often take advantage of society's fears in order to pursue cybercrime, but new research from VMware Carbon Black suggests that the reality might be even worse than initially thought. The endpoint security vendor, which was acquired by VMware last for $2.1 billion, said ransomware attacks jumped 148% in March over baseline levels in February. "Notable spikes in attacks can also be correlated to key days in the COVID-19 news cycle, suggesting attack…

Enterprise internet attack surface is growing, report shows

The attack surface of large enterprises has grown in recent months driven by the new work conditions imposed by the COVID-19 pandemic. The threat has increased in many areas including servers that are directly accessible from the internet, domain names, websites, web forms, certificates, third-party applications and components or mobile apps. While some of those changes might be temporary, many are likely to be permanent, straining the ability of existing IT and security teams to manage and …

This was inevitable: ‘Thanos’ ransomware weaponizes research tool against Microsoft Windows users

Written by Jeff Stone | Jun 10, 2020 | CYBERSCOOP. Hackers have converted software initially created as a testing tool into a destructive strain of ransomware, weaponizing inside knowledge about digital fortifications at a time when internet extortion only is accelerating. Scammers on cybercriminal forums are marketing a new strain of ransomware, dubbed “Thanos,” to other attackers aiming to infiltrate computers running Microsoft Windows, according to research published Wednesday by threat int…

How Threat Actors Are Adapting to the Cloud

With organizations increasingly moving to cloud environments, cloud security is more critical than ever. Cloud environments often hold large troves of valuable and sensitive data that can put organizations and their customers at risk if they are breached. At the same time, many organizations are still discovering best practices surrounding cloud security and incident response. IBM X-Force Incident Response and Intelligence Services (IRIS) has responded to many cloud security events. To help …

How middlemen are giving ransomware gangs more attack options

Written by Sean Lyngaas, Oct 12, 2020 | CYBERSCOOP. The last six months have seen damaging ransomware attacks on two multibillion-dollar IT firms, Conduent and Cognizant, with clients all over the world. The incidents locked computers across the companies, cut into revenue and required days, if not weeks, of clean up. A report published Monday by consulting giant Accenture warns that the kind of criminal groups behind those attacks have more options than ever for accessing corporate networks …

ALERT! Hackers targeting IoT devices with a new P2P botnet malware

Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. Discovered by Qihoo 360's Netlab security team, the HEH Botnet — written in Go language and armed with a proprietary peer-to-peer (P2P) protocol, spreads via a brute-force attack of the Telnet service on ports 23/2323 and can execute arbitrary shell commands. The researchers said t…

What is cryptography? How algorithms keep information secret and safe

Cryptography is the science of keeping information secure by transforming it into a form that unintended recipients cannot understand. In cryptography, an original human-readable message, referred to as plaintext, is changed by means of an algorithm, or series of mathematical operations, into something that to an uninformed observer would look like gibberish; this gibberish is called ciphertext. Cryptographic systems require some method for the intended recipient to be able to make use of the e…

Watch Out — Microsoft Warns Android Users About A New Ransomware

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected devices as well as an obfuscation mechanism to evade security solutions. The development comes amid a huge sur…

US advisory meant to clarify ransomware payments only spotlights widespread uncertainty

Written by Tim Starks, Oct 13, 2020 | CYBERSCOOP. If a Treasury Department advisory threatening financial penalties against anyone paying ransomware hackers was intended to send a clear message, it may have done the exact opposite. The Oct. 1 advisory from the Office of Foreign Assets Control warned that paying or helping to pay ransoms to anyone on its cyber sanctions list could incur civil penalties. Across some of the industries mentioned in the advisory — like cybersecurity incident respo…

How to protect backups from ransomware

Despite a recent decline in attacks, ransomware still poses significant threats to enterprises, as the attacks against healthcare organizations demonstrated this month. It is also becoming more capable. In particular, ransomware writers are aware that backups are an effective defense and are modifying their malware to track down and eliminate the backups. Ransomware targeting backups: Ransomware will now delete any backups it happens to come across along the way, says Adam Kujawa, head of malwa…

Double extortion ransomware will be a big theme in 2021

The coming 12 months will bring increasingly aggressive cyber crime activities as malicious actors continue to pivot their ransomware attacks from data encryption to data exfiltration, and with much of the workforce remaining at home until the second quarter at least, the cyber security challenges that were amplified by Covid-19 will persist for the time being. That is according to new research data compiled by data protection specialist Acronis, which has highlighted a number of key trends …

Thriving in the Cybersecurity Chess Game

Cyberattacks have the most impact and are a persistent threat to any organization, especially those leveraging information technology to achieve a competitive advantage. Just look at a few of the headlines over the last six months: “Tech Giant Down After Ransomware Attack,” “Cruise Line Suffered A Ransomware Attack In Which Guest And Employee Data Was Accessed,” “Business Giant Data Leaked After Ransomware Attack.” What is going on? There are so many safeguards available today to prevent thi…

MITRE ATT&CK: The Magic of Segmentation

In cybersecurity, nation states, cyber criminals, hacktivists, and rogue employees are the usual suspects. They fit nicely into categories like external attackers or insider threats. But what about our essential suppliers, partners, and service providers? We rely on them, sometimes inviting them in to help manage our networks and internal systems. It’s easy to overlook them as possible pathways for cyberattacks. But the shocking cyberattack discovered in December shined a bright light on sup…

The 6 Key Reasons To Have a Microsoft Office 365 Backup

As a robust and highly capable Software-as-a-Service (SaaS) platform, Microsoft Office 365 fits the needs of many organizations perfectly. Office 365 provides application availability and uptime to ensure your users never skip a beat, but a Microsoft Office 365 backup can protect you against many other security threats. You or your boss might be thinking, “the recycle bin is probably good enough.” However, this is where many people get it wrong. The average length of time from data compromi…

Veeam Backup and Replication Version 11 Release: So Many New Features, Where do We Start?

By: Dave Kluger, Storcom CTO. What’s New in Veeam Version 11 (v11)? There are a ton of new features and updates with Veeam version 11, over 200 to be exact. There are already many articles that simply list the new features. As Storcom’s CTO, I want to talk about what’s new in Veeam Version 11 (v11) and what I think the main updates are and WHY they are useful. Ransomware Protection: At the top of everyone’s list is that Veeam’s version 11 contains more ransomware protection features than ever…

Protecting Against Evolving Ransomware Attack Trends

This is a summary of an article written for Security Magazine by Derek Manky, Chief of Security Insights and Global Threat Alliances at FortiGuard Labs. The entire article can be accessed here. Ransomware attack trends continue to evolve, and the current iterations seen during the COVID-19 pandemic are no exception. During this time, malicious actors have attacked healthcare organizations, medical trials, schools, and shipping agencies. Considering the impact these modern a…

Threat Trends: DNS Security, Part 1

When it comes to security, deciding where to dedicate resources is vital. To do so, it’s important to know what security issues are most likely to crop up within your organization, and their potential impact. The challenge is that the most active threats change over time, as the prevalence of different attacks ebbs and flows. This is where it becomes helpful to know about the larger trends on the threat landscape. Reading up on these trends can inform you as to what types of attacks are curre…

What is cryptojacking? How to prevent, detect, and recover from it

Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser. Either way, the cryptomining code then works in the background as unsuspecting victims use their computers normally. The only sign they might notice is slower p…

The biggest data breach fines, penalties, and settlements so far

Sizable fines assessed for data breaches since 2019 suggest that regulators are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. This comes after an active 2018. Uber’s poor handling of its 2016 breach cost it close to $150 million. Weakly protected and heavily regulated health data cost medical facilities big that year, too, …

Combating Cybercrime with AI-Driven Security Strategies

This is a summary of an article written for CISOMAG by Derek Manky, Global Security Strategist at FortiGuard Labs. The entire article can be accessed here. As technology evolves, so too does cybercrime. The recent rise in remote work and the broadening of the attack surface that accompanied it have shown that cyber criminals are nothing if not resourceful and opportunistic. So, as bad actors advance their tool kits to include artificial intelligence (AI) and machine learning…

Steps to Defend Against DearCry Ransomware

FortiGuard Labs Perspectives. Last year cast a bright spotlight on cybersecurity with the risks that surfaced due to the rise of remote work. The year was capped off by one of the most significant supply chain hacks in recent years. Now in 2021 we have cyber adversaries attempting to exploit Microsoft Exchange Server vulnerabilities with DearCry ransomware. Cybersecurity risk has never been greater as everything is interconnected in a larger digital environment. Three members …

WE ARE READY WHEN YOU ARE! Call Storcom’s certified engineers to learn how to implement a Ransomware Prevention and Recovery Roadmap™ to protect your data.