Blogs

Sep 2017
15

Six Ways to Improve Your Organization’s Cybersecurity

 

This is part three of three in a series where we will discuss the importance of improving your company’s cybersecurity policies.

A Global Risks report published in January 2015 by the World Economic Forum stated that “90 percent of companies worldwide recognize they are insufficiently prepared to protect themselves against cyberattacks.” And because cybercrime has grown to become a billion-dollar industry (costing over $400 billion annually), now is the time to improve or implement cybersecurity policies to avoid data breaches and files being held hostage.

Here are six tips to beef up your organization’s cybersecurity policies:

1. Keep software updated at all times

Not performing software updates can leave your company susceptible to attacks, as hackers scour networks looking for security vulnerabilities in old/outdated software. Because cybersecurity is every employee’s responsibility, create and enforce company policies that require departments (or individual employees) to perform regular updates to the software and applications they use on their devices (laptop, PC, or endpoint device).

2. Raise awareness about the importance of cybersecurity

Since the majority of breaches still come from end-users (whether that is C-level executives or employees), this shows that people within organizations are still not aware of the risks of a security breach. When leaders and employees are unaware of all the implications, it is difficult to a. allocate funding to boost cybersecurity awareness within the organization and b. inform and train employees about cybersecurity best practices, due to the general apathy within organizations. Implement periodic training and teach the importance of smart internet browsing practices to all employees (at all levels) to maintain the security of the organization as a whole.

3. Encrypt data

All PCs and personal information stored in databases, servers, networks and endpoint devices should be encrypted in flight and at rest. This is the best way to protect your systems from hackers who want access to sensitive data.

4. Consider purchasing a cyber insurance policy

Cyber insurance may provide a safeguard to your organization, as insurance advisors will do thorough evaluations and risk assessments to determine which data is most crucial to your business. That way, if there is a data breach, you will not have to pay money to the criminals…your data is safe and recoverable based on the terms of your insurance policy.

5. Implement necessary patches and updates

Patching and updating your infrastructure and information systems is important to prevent vulnerabilities within your networks. For example, in the event there is a window of vulnerability, a patch management system means a network is being consistently monitored...mitigating the risks of zero-day attacks.

6. Establish access controls based on roles/responsibilities

Since not every employee needs the same level of access into networks and software, role-based access control grants or denies access to users based on job functions. This can help alleviate the risks of a cybersecurity breach, because limiting usage can help to identify network intrusions, suspicious activity and more.

It is important to take a multi-layered approach with your organization’s cybersecurity as the reality is that the majority of organizations in 2017 will encounter some sort of breach…is your organization prepared?

Aug 2017
25

Five Cyber Security Trends Every IT Professional Must Know

 

This is part two of three in a series where we will discuss cybersecurity trends, security concerns and the importance of cybersecurity policies as a part of your company’s overall strategy.

2017 proved to be an interesting year in the world of IT as ransomware attacks and security breaches became more common, which resulted in higher payouts to cyber criminals. These rapid-fire changes have put IT professionals under extreme pressure to ensure they can recover their data if a breach were to occur, and also to thoroughly understand how to mitigate the risk of an attack. Understanding these trends within the marketplace will help create a framework to assist with your IT policies. Statistics from the Cyber Security Trends Report list these as the most common trends for cyber security.

1. Cybersecurity is still a challenge

According to recent studies, cybersecurity is an obstacle in most organizations due to the lack of skilled employees and resources, a lack of security awareness and ignorance around cybersecurity. 54 per cent of organizations want to train and certify their current IT staff to overcome any unforeseen challenges and create a stronger cybersecurity presence in IT environments. The reality is that some IT pros are not really clear on security threats to their data centres, are not clear on who to hire to fix problems if they were to arise, and do not have proper training and protocols in place.

2. Security challenges in the cloud

Storing data in the cloud makes organizations a target for cyber criminals as the cloud brings a whole new set of security challenges (e.g. data integrity, having proper fail-over technology, ensuring data is secure in-flight and at-rest, etc.) as attackers can monitor and modify data on the cloud (e.g. account credentials, security keys, etc.) by merely using applications to launch attacks. Unfortunately, companies still assume their third party IaaS, SaaS or PaaS vendors are protecting their data…making them even more vulnerable to cybersecurity breaches.

3. Concerns with employees bringing their own devices

The proliferation of bringing/using your own device in the workplace is increasing cybercrime activity consisting of everything from stolen identities to major data breaches from data leaks. While 60 per cent of companies have a BYOD policy, unfortunately, not all employees are trained on cybersecurity best practices. This opens up the door to employees downloading unsafe content or apps and connecting to open Wi-Fi spots without having the correct security protocols in place. In fact, according to a study conducted by HP, 97 per cent of employees’ devices were not secure, and 75 per cent lacked adequate data encryption.

4. Attacks are becoming more sophisticated and more difficult to detect

What you probably didn’t realize is that cyber attackers are becoming more clever—they spend over a month on your networks before they actually infect your systems. In some cases, it takes companies up to 200 days to detect a data breach.

5. Apps are the main source of data breaches within organizations

According to recent reports from Verizon, web applications (either mobile, desktop, business or web apps) are the number one source of data breaches. Apps remain easy targets because most were not built with security as a primary feature; they were built for ease of use. This gives cyber criminals ample opportunity to send spam and steal details…all through downloading an app that is littered with malicious code.

Whether you’re an IT professional or a managed service provider (MSP), making cybersecurity a point of your strategy is critical to ensuring your business survives the next generation of cyber-attacks.

Aug 2017
14

Four Reasons Why IT Professionals Are in Denial about Cybersecurity

Posted by Alex Dubko in Cloud Backup
 

This is part one of three in a series where we will discuss trends in the changing landscape of cybersecurity, why so many senior level executives are in denial and what policy changes your organization needs to make to mitigate cybersecurity risks.

Today’s security landscape is littered with data breaches, compliance and security failures for businesses of all sizes. It’s also a hot topic within the media, proving that cybercrime is a problem that affects all of us.

Here’s the problem: Each year cybercrime becomes more advanced, resulting in massive data loss, bigger payouts and more organizations going out of business. Why? Cybersecurity was not a priority in most organizations, and having anti-virus software was presumed to be the only tool needed to eliminate risk. The changing landscape, coupled with antiquated technologies, is hindering those who actually manage/process personal information as they are either:

  1. not trained on current internet safety best practices or
  2. trained on best practices but don’t find the training effective since the behaviours of the employees never change.

Here are some other startling facts about the lack of awareness on cybersecurity.

  • According to a Spiceworks study, 45 per cent of companies do not provide internet safety training. Out of this 45 per cent, 69 per cent of those employees handle, manage or process personal information. This may account for the reason that end-users keep falling prey to these phishing attacks…staff isn’t being trained, meaning they’re not abreast of best practices.
    • The same study shows that while the majority of organizations offer general security awareness training, only a quarter of executives believe that this training is “very effective” at changing employee behaviours. The other 75 per cent of executives deem this information as irrelevant and often don’t train staff on best practices.
  • The longer organizations go without any security breaches, the more complacent they become. Sure—firewall, endpoint protection, spam and anti-virus protection may have been all your organization needed. Now, attacks have become multi-layered, and are infiltrating systems, backup-repositories, networks, data and files all at once, making most traditional cybersecurity policies out of date.
  • Larger organizations are not too worried about going out of business. The average total cost of a data breach is approximately four million…a legal breach can be so much more…making four million a small price to pay for large organizations to retrieve their data.
  • Most senior level decision makers do not have a thorough understanding of cybersecurity issues.
    • In most cases budgets and strategy are the only two topics discussed in the board room. Security experts state that cybersecurity needs to be integrated as a part of your organization’s overall strategy, as opposed to keeping it solely within the IT department.

Consider your organization lucky if you have not fallen victim to cybercrime, because it’s not a matter of if your organization will be attacked, it’s a matter of when. The minimum requirements to mitigate any cybersecurity risk include: backing up business critical data on a regular basis, having an anti-virus solution in place as well as making security a part of your overall strategy to avoid costly payments or risk of closure.

Jul 2017
11

Ransomware Threat Predictions for 2017 and Beyond

 

Ransomware is now the biggest security threat for organizations worldwide. Recent WannaCry and Petya attacks have heightened these fears, forcing companies to re-evaluate their security measures and policies. The reactive approaches companies are taking are slightly problematic because cyber criminals are only getting more sophisticated...attacks are escalating, new strains are constantly being developed and employees are still not aware of what ransomware is, making it difficult to stay one step ahead of the cyber criminals.

Here are some statistics and trends about ransomware that your organization should be aware of that will assist you when planning your cyber security policies.

1. Myth — only certain industries and organizations are targeted

Fact: Every industry and organization is at risk. Cyber criminals simply want money, which is why they target businesses of all sizes. Although big businesses have the multi-million dollar budgets, smaller organizations are also targeted because they are in fact most likely to pay the ransom: lengthy periods of downtime or data loss will put them more at risk of going out of business.

2. Two thirds of ransomware infections in Q1 2017 were sent via Remote Desktop (RDP) [1]

Working remotely coupled with BYOD is where most vulnerabilities stem from. With statistics showing that 66 per cent of employees don’t know what ransomware is, mitigate risk within your organization by training your entire staff on best practices regarding phishing emails and links, malicious websites, etc.

3. Phishing techniques have become much more advanced

Prior to 2015, phishing tactics used to consist of mass email campaigns trying to trick unsuspecting victims. Most knew they were involved in a scam as these emails were littered with spelling and grammar mistakes, incorrect branding in messages, wrong/outdated company logos, etc. Now, cyber criminals carry out targeted and focused tactical email campaigns as part of phishing attacks, and new natural language processing enhancements (including AI technology) have fixed the majority of the grammatical errors, making malicious websites and emails that much more difficult to detect.

4. Downtime when recovering files is hurting most companies

Reports from Gartner calculated that downtime can reach 87 hours a year (about 200 minutes on average) ranging anywhere from a few minutes to a few hours. When network services are unavailable, employees can’t work, and the duties that they perform to keep your organization afloat aren’t getting done. Downtime as a result of a ransomware attack means loss of productivity, profit and customers. Depending on the size of your business, minutes or hours of downtime may result in your organization going out of business.

Here are other ways downtime can affect your organization:

  1. Threats of lawsuits – Businesses could be at the receiving end of lawsuits if they do not have proper cybersecurity protocols in place.
  2. Data breaches – If personal data was leaked or deleted, this may result in litigation or fines for non-compliance.
  3. Damage to brand reputation – If you’re not able to serve your customers due to downtime, your customers may vent on social media platforms, causing damage to your brand image.
  4. Loss of profit – On average, businesses lose between $84,000 and $108,000 (US) for every hour of IT system downtime. For a large organization, this may result in higher costs with little impact on the business, but for small and medium-sized businesses the hourly cost may be lower while the negative impact on the business is usually much larger.

Are you ready to learn how our solution can help your organization survive after a ransomware attack?

1. Crowe, Jonathan. "Ransomware Growth by the Numbers: Ransomware Statistics 2017." www.blog.barkly.com. n.p., June 2017. Web. July 2017.


Jun 2017
15

Top Six Concerns of IT Professionals in 2017

 

Since 2016 the landscape of information security has changed. There have been new strains of malware developed, new phishing techniques, cyber security breaches, new developments to security and compliance as well as debates about security and privacy. With all these new developments in the IT landscape, here are six factors that IT professionals are most concerned with.

1. Cybersecurity: Recent reports found that cyberattacks/web based threats have been growing quickly over the last couple of years, and there's nothing to indicate they won't keep increasing. Even with all the advancements in cybersecurity, most professionals are aware that these advancements are not making systems and networks any more stable. They also realize that their systems can be hacked at any time as employee negligence is still the number one reason for cyber security breaches. Here are three other concerns relative to cybersecurity:

  • General lack of knowledge and awareness about cyber security
  • Too many versions of technology. Most companies have a combination of old/outdated software with new technologies making IT systems within organizations complex to manage
  • Lack of time, money and general resources to implement a comprehensive security solution

2. Ransomware: This form of cybercrime has grown exponentially since 2015. Criminals are much more sophisticated in coding, system and network configurations, making ransomware more difficult to detect. The fear of ransomware is prompting most IT professionals to ask not if they’ll encounter a breach but when they’ll encounter an attack.

3. Data classification: Although data classification is a fairly simple concept, it is quite difficult to implement and can cost your company thousands if not done correctly. Many organizations face the fundamental problem of not having any data classification systems in place and not being able to classify what information is deemed critical for business operations on an on-going basis. Not knowing this information can be detrimental to your business operations.

4. Protecting Endpoint Devices: According to a Promisec survey, 89 per cent of VPs and C-Level IT professionals are concerned about security breaches on endpoint devices, while a mere 32 per cent actually have endpoint protection in place. Endpoint device protection is such a concern because:

  • IT professionals do not know all of the endpoints within their corporate environment. They don’t have full line of sight into who owns and manages these devices, what types of work and data are on them, and how they will be protected. Without this endpoint visibility, the chances of protecting corporate data are slim to none
  • There are gaps and vulnerabilities in endpoint protection (i.e. the lack of complete and regular rollouts of software patches, gaps in blocking applications, etc.)
  • Up-to-date antivirus software is not sufficient to ensure proper coverage of endpoints

5. Compliance: Whether it’s the healthcare, financial or legal verticals, many industries have strict regulations on how organizations handle their business-critical data. Within the last few years, there have been enormous changes to the way data can be acceptably classified, and IT pros admit they’re not ready for these key changes due to the fact that they don’t really understand what exactly is being asked of them to comply with these ever-changing regulations.

6. Data Breaches: As data breaches continue to increase, more organizations are at risk of losing confidential consumer and corporate data. Studies have shown that less than 25 per cent of professionals are confident in their company system’s ability to mitigate the risk of security incidents. This number is frightening, as data breaches can mean you’ve lost one crucial element to your business – your customer’s faith (and most likely their business). And because cyber breaches can severely impact all areas of business, IT pros are looking for best practices, advanced compliance and signature-based security technologies.

What can you do as an IT Professional?

  • Educate your staff on all the threats out there and make sure there are no gaps in process, skills, and training.
  • Have current/up-to-date technology and software needed to defend against all threats.
  • Leverage new/existing security controls for risk prevention.
May 2017
31

Why Backup is the Only Prevention from Ransomware

 

This is part four of five in a series on Ransomware that will discuss the growth of ransomware, recent WannaCry attacks, tips to safeguard our data and also includes an interview with our VP of Marketing who shares what Asigra’s solutions can do to prevent attacks.

In 2017, ransomware attacks have skyrocketed and the bad news is that these numbers are getting worse. Reports from CNBC indicate that there has been a 6000 per cent increase of ransomware infections deriving from email and similar reports show that 92 per cent of surveyed IT firms reported their clients had been attacked by ransomware.

In a recent attack in May 2017 (known as WannaCry), critical information was stolen, and encrypted data from the U.S. National Security Agency affected over 99 countries across a wide range of industries. European authorities estimated that at least 200,000 computers in the public and private sector were infected globally.

Organizations that were most vulnerable had old/outdated software (i.e. operating on Windows XP). The infections were deployed via a worm, which initially asked for $300 (£230) in Bitcoin cryptocurrency to unlock the files for each computer. Fines have now doubled to $600 (£348) Bitcoin, with threats of being permanently locked out of systems after seven days of non-payment. Although the attack affected so many companies, payments to the cyber criminals have still been slow, as organizations either a. don’t know where to obtain bitcoin currency or b. know that paying the ransom does not guarantee that the files will actually be retrieved.

Fact: Ransomware is not a new phenomenon, however it has grown exponentially over the last two years. Despite its growth, 66 per cent of people don’t know what ransomware is, and these same people may work within your organization. Therefore, it’s safe to assume that with the proliferation of attacks globally and the lack of education amongst the general public you and your data are at risk. Here are six ransomware best practices you should always keep in mind:

  • Have solid systems, protocols, policies and training in place to prevent infection
  • Train your staff to know what to do when an attack happens
  • Double (and triple) check all email senders. Do not open or download suspicious links, attachments and files
  • Have a robust, up-to-date antivirus software and ensure all firewalls and software are regularly updated
  • Send security tips to ensure your staff is vigilant, informed and educated on ransomware
  • Backup, Backup, Backup!! The truth is that disaster recovery solutions (i.e. data protection strategies, backup with snapshots, CDP, replication for different levels of recovery) and effective data protection are the only two things to thoroughly protect your data.

Ready to Learn More?

Hear our VP of Marketing, Michael Stephens, share his insights on CFRB 1010 on these recent attacks and how our solution can help combat ransomware.


May 2017
9

How Organizations Can Plan for Cloud Computing Costs

 

If you’re an organization that either uses the cloud or is considering migrating services to the cloud, and you are confused about the costs…you are not alone. The costs associated with the cloud are confusing, and without proper management and monitoring, cloud computing costs can add up quickly, leading to your next bill being significantly more expensive than you budgeted for.

Here are three scenarios you’ll have to consider when factoring cloud costs.

If you use SaaS Based Applications (Office 365, Salesforce.com and G Suite)

Instance #1: In this instance you will be billed on the number of resources. The problem that companies may run into is over-provisioning. Choosing appropriate resources within these apps takes time, and choosing too many resources that are most likely not relevant to your business results in inflated costs.

Instance #2: SaaS based providers also charge pay per use or pay as you go. A common misconception is that users are charged per device (i.e. tablet, laptop and smartphone), however charges are based on the number of administrators. SaaS based providers charge in a tiered structure (based on a specified number of users) and once that threshold is capped you’ll be charged when more admins are added as opposed to how many devices you add.

Solution: Perform regular system audits and do thorough research to determine which resources and how many system administrators you actually need.

If you use IaaS/PaaS Based Applications Services (Amazon Web Services and MS Azure)

Both of these platforms boast strong PaaS and IaaS capabilities, but their billing modules are not the easiest to understand.

Amazon Web Services (AWS): If you use AWS, charges are based on the services you are using, however there are several different variables which can lead to additional costs. These services include: databases, deployment, management, application services, network, storage and how content is delivered. In addition to these major charges, there are three additional service charges based on the location of your data centre, volume and the performance level. Additional features such as VM’s, memory, operating system choice, web service calls to their technical support/customer service departments will all be added on to your bill.

Microsoft Azure: When using Azure, they bill you based on usage, storage, storage transactions and data transfers on a pay as you go pricing model. Here’s where the complexities arise…as long as you have an application instance hosted on Azure, you will be paying a monthly minimum (roughly 80 US dollars), whether you still actively use that app or not. Another factor to consider is data transferring and the charges associated with that. Example: think of your data usage on your cellphone. Once you’ve hit your threshold of data consumed (for example 5 GB/month), you will get a notification from your service provider letting you know that you’re approaching your limit (or in some cases they may even block your data usage to prevent hefty bills). You then have the choice to stop using data or accept the overage charges. Azure works in a similar framework: if your organization is constantly doing data transfers and exceeds its monthly GB limit, your monthly bill will be higher than expected, as Azure does not have a GB threshold cap.

Solution: Use the data from previous years to be able to forecast costs for the upcoming year. These services both offer calculators to predict costs, so if your organization’s projections are accurate, the monthly bills won’t be shocking.

Costs Associated with MSPs, Monthly Bills and the Cloud

  1. Moving/Migrating to the cloud: There will be a large upfront cost associated to moving to the cloud, whether that’s a onetime move or done incrementally. Network bandwidth accounts for much of the cost of moving data and cloud providers might charge upload and download fees. Even though data and systems are being hosted off-site, there are internal labor costs that you’re billed for, depending on the workload, instances and number(s) of servers being migrated.
  2. If you store data in the cloud: There are often different pricing tiers of storage which will be added to your monthly bill. Your organization should think carefully when storing data and work with your MSP to decide on the storage tier that is best based on the amount of data that you will be storing.
  3. Fees allocated with testing: You’ll have to test all software and apps before migrating to the cloud to ensure that all systems integrate properly. Depending on how long this testing takes you will see either incremental or drastic costs added to your bill.
  4. Costs associated with rent, utilities and power: This cost is often overlooked and unexpected. Most data centres are offsite, and because your data is taking up space in the data centre, organizations will be billed accordingly, which can also increase your bill.

Solution: Choose an MSP that is forthcoming with costs and services they can provide, can quickly respond to business demands, reduce costs, manage complexity, keep abreast of industry standards and adopt all facets of technology.

May 2017
2

What is a Virtual Machine (VM)? – Technology Defined

 

Virtualization is a growing presence in every data centre. It allows you to reduce hardware costs and power consumption; it provides more flexible server provisioning and ensures that IT managers can be more responsive to business needs. VMs offer many benefits to organizations and allow you to not only simplify IT operations, but also to respond quickly to changing business demands.

What is a Virtual Machine (VM)?

A virtual machine is a computer application or file (which is typically called an image) that behaves like an actual computer. It runs on your current operating system in a window on your desktop to allow you to experiment with different operating systems, just like you would on a real, physical machine. Like physical machines, virtual machines have their own virtual hard drive – a large multi-gigabyte file stored on your hard drive which includes hardware, a virtual CPU, memory, network interface and other devices.

Why would you want to create a Virtual Machine?

  • They allow you to experiment with other operating systems.
  • Allows you to work safely with more reliability and security: VMs are essentially like working in a sandbox environment. Working within such a controlled environment when running programs is a good way to learn about operating systems (i.e. Linux Ubuntu). When you’re done evaluating or testing operating systems you can delete the VM or create a snapshot once everything's been configured just in case anything goes wrong.
  • Enables you to consolidate your servers: Up to 10 applications can run on a single VM that may have required several physical servers to operate.

What are some situations where a VM will be used?

Testing Software, New Configurations or Upgrades:

  • New versions of operating systems. This allows you to experiment with different versions of software without installing defunct versions onto your servers.
  • Multiple Platforms. Rather than keeping servers around to test multiple platforms, you can test whether an application works on different operating systems.

Implementing other software systems: you can install various systems within the VM and learn how they work at your own pace.

Using software that uses an outdated OS: there are several programs or laptops that aren’t compatible with Windows XP, however your organization may be using an application critical to your business that only operates in the XP environment. Using a VM allows you to run and use this application without having to actually install outdated software to physical machines.

Using software that needs another OS: If your organization is in a Mac environment and you want to run Windows software on this specific OS to test compatibility without using services like Wine or Crossover, a VM allows you to run and use this application.

Apr 2017
21

Five Critical Mistakes Managed Service Providers (MSP) are Making

 

Managed Service Providers ultimately have the same goal – growing business and providing clients with the best IT solutions. However, in the pursuit of winning business, some fundamentals are often overlooked and the MSP is either left with unhappy clients or lost business. Below are five mistakes MSPs should avoid.

  1. Assuming that all customers/organizations are familiar with all the facets of cloud. MSPs often think and rely on their clients to know their technical needs, however, the reality is that customers don’t have a complete understanding of the complexities and various solutions of backup systems. Potential clients need help understanding the benefits, risks, and costs associated with cloud models. Work with your potential clients to develop (or enhance) a data recovery strategy that will back up and protect their business data, ensuring their business critical data is safe and can be recovered.

  2. Over-promising, yet under delivering. In some circumstances, Service Providers don’t like to admit that they don’t offer certain services/solutions…they fear that this honesty will hinder them from acquiring new business. When you over promise, you’re actually spending more time trying to learn on the job while trying to deliver; which in fact hinders your business as you’re selling your clients short. Be clear on the services you provide, don’t make false promises and be upfront at all times with your client.

  3. Selling products, not a service. As an MSP, not only do you sell technology, you should strive to also sell your expertise, reliability and services. Most organizations are not extremely tech savvy, and they rely on you to provide sound advice and monitor systems to ensure everything is working up to the contractual expectations. By checking in sporadically (not only during the onboarding process but throughout the duration of the contract), you have a pulse on your clients’ needs and are able to fix any issues when and if they were to arise.

  4. Little to no content on website to describe products/services. Most consumers (if not all) are informed buyers who do their due diligence and research before making a purchasing decision. Therefore, having strong content about your services helps people find you, and also demonstrates that you have the technical wherewithal to deal with IT issues. By having information on the services provided and general industry information, you forge a relationship of trust with your prospective clients. They begin to trust you and are much more likely to engage with your company and seek your expertise for their business.

  5. Not having a thorough understanding of what your clients really want. Assuming that one solution will suit the needs of all your clients, or not selecting a suitable service package for your clients’ business needs, will hurt your bottom line. Your clients are relying on your expertise to provide them with guidance as well as a sound solution that most adequately suits the needs of their business. By not providing clear definitions of the scope of your offerings, you’re undermining the success of your own relationship with your potential client.

By steering clear of these mistakes, new and veteran MSPs can significantly boost their success.

Apr 2017
7

Fileless Ransomware Infections – How Does This Really Work?

 

This is part three of five in a series on Ransomware that will discuss a new variation of ransomware (known as fileless ransomware), the most targeted verticals, how it works and what IT executives and administrators need to know to combat the ever-changing strains of ransomware.

There is a new variant of ransomware – it’s stealthy, nearly impossible to detect and is forcing more banks, telecommunication companies, government agencies and healthcare organizations globally to pay the ransom to cyber criminals. These attacks are known as fileless or non-malware ransomware, and they leverage Microsoft’s PowerShell scripting language to target organizations through documents and/or applications that run macros.

What is PowerShell?

PowerShell is Microsoft’s command-line shell and scripting language, designed to automate tasks in MS Windows operating environments; it includes over 100 command-line tools.

How does Fileless Ransomware Work with PowerShell?

Non-malware aka fileless ransomware (unlike traditional ransomware) does not use files to encrypt your data; instead, it writes scripts/macros that rely on PowerShell to encrypt the files.

What are the two ways fileless ransomware can penetrate your systems?

Via Phishing Attacks: An email is opened on a device (i.e. tablet, laptop, cellphone or desktop) and automatically writes macros directly to the device’s memory, which then start issuing payment demands as well as encrypting your data.

Via Compromised Websites: An employee browses or visits a compromised/malicious website, where the cyber criminals write scripts to the computer’s RAM to capture some pertinent information; the scripts will then either ask for cryptocurrency or immediately encrypt your files.

Why is fileless ransomware unique?

Fileless malware is unique and difficult to detect because the malicious code is embedded into a native scripting language or written straight into the computer’s RAM, where it hides in isolated spots within the computer’s memory. It’s not written to disk nor does the malicious code rely on the hard drive to run these commands.

What are the problems associated with Fileless Ransomware?

  1. Fileless ransomware leaves little trace behind and cannot be detected with any antivirus software.
  2. This ransomware strain allows cyber criminals to have access to your systems, meaning that they can infiltrate your computers, steal your information and encrypt your files without your IT staff even knowing.  
  3. It can lead to more attacks. As the cyber criminals are writing scripts they’re also gathering as much data from the victim’s computer as possible.

What can end users do to protect themselves?

  1. BACK UP YOUR DATA. Monitor your systems frequently and back up regularly so you can revert to specific points in time when your systems were free of malware and malicious attacks.
  2. BE VIGILANT. Disable all macros or do not open any files unless the end user is 100 per cent certain the file is not malicious. If there is any cause for concern, contact your MSP or IT administrator immediately.
  3. BLOCK all infected emails, pages, and communication with browsers and servers. Since the cybercriminals will write code to infect email and webpages, block anything that is odd, unfamiliar or sketchy.
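Because the script never lands on disk, the place to catch a macro-launched PowerShell session is process-creation logging. The triage sketch below is an added example, not code from this post: the pipe-delimited record format, the parent-process list and the indicator names are assumptions, and the sample records are constructed.

```python
import base64
import re

# Assumption: parents that rarely have a legitimate reason to start PowerShell.
RISKY_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}

# PowerShell accepts unambiguous parameter prefixes (-enc, -w), so match those too.
ENCODED = re.compile(r"(?i)\s-(?:ec?|en[a-z]*)\s+([A-Za-z0-9+/]{16,}={0,2})")
FLAGS = {
    "hidden_window": re.compile(r"(?i)\s-w[a-z]*\s+hidden\b"),
    "policy_bypass": re.compile(r"(?i)\s-(?:ep|ex[a-z]*)\s+bypass\b"),
    "no_profile": re.compile(r"(?i)\s-nop[a-z]*\b"),
}

def decode_encoded_command(blob):
    """-EncodedCommand carries base64 of UTF-16LE text; return it for the analyst."""
    try:
        return base64.b64decode(blob, validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None

def triage(line):
    """Parse 'host|parent|image|cmdline'; return a finding dict, or None if clean."""
    host, parent, image, cmdline = line.split("|", 3)
    if image.lower() not in ("powershell.exe", "pwsh.exe"):
        return None
    reasons = [name for name, rx in FLAGS.items() if rx.search(cmdline)]
    script = None
    match = ENCODED.search(cmdline)
    if match:
        reasons.append("encoded_command")
        script = decode_encoded_command(match.group(1))
    if parent.lower() in RISKY_PARENTS:
        reasons.append("office_parent")
    if not reasons:
        return None
    return {"host": host, "reasons": sorted(reasons), "script": script}

def _enc(text):
    # Helper used only to build the constructed sample below.
    return base64.b64encode(text.encode("utf-16-le")).decode()

# Constructed sample records, not taken from the post or from any real incident.
SAMPLE = [
    "ws-014|winword.exe|powershell.exe|powershell.exe -nop -w hidden -enc "
    + _enc("Write-Output 'constructed sample'"),
    "ws-020|explorer.exe|powershell.exe|powershell.exe -File C:\\Scripts\\inventory.ps1",
    "ws-031|explorer.exe|notepad.exe|notepad.exe report.txt",
]

if __name__ == "__main__":
    for record in SAMPLE:
        print(triage(record))
```

Only the first record is flagged, and its decoded script text is returned so a responder can read what actually ran.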
