Ransomware Has Evolved, and It Keeps Evolving!
Cybercriminals continue to pose threats to enterprises. To name just a few recent victims: the city of Atlanta, Boeing, and the UK National Health Services have all fallen victim to cyber attackers.

While hackers have been around for years, their ways of entering our IT infrastructure have evolved. Earlier, the usual route was phishing: sending emails that entice untrained employees to click on a dangerous link. Now companies have trained their employees, computer users in general have become savvier about phishing attacks, spam and email filters have become more efficient, and the volume of ransomware news has made us all aware of the threat. Whatever the reason, cybercriminals have stepped up their game.

Today, an important entry point for hackers and ransomware is unpatched software, and that is where software patching comes in.

Let’s analyze two recent cybercrimes and examine the means of entry. In the breach at Equifax, it is estimated that 147 million US and 15 million UK names, birth dates, and social security numbers were exposed. The criminals were able to enter Equifax through an unpatched server that hosted Equifax’s dispute resolution software.

More recently, Arizona Beverages, one of the largest soft drink suppliers in the U.S., was infected. Lots of Windows-based computers and servers were wiped clean, effectively destroying the company's sales operations for 7 days until the incident response team from Cisco was called in. Although its UNIX/Linux systems were unaffected, the ransomware left the company without any computers able to process customer orders for almost a week.
Ransomware’s entry point into Arizona Beverages was also an unpatched server operating system. Many of Arizona’s back-end servers were running old and outdated Windows operating systems, and a lot of them had not received security patches in years.

Earlier, having a firewall and virus scanner at the perimeter of your network was enough. Today's cyber security threats, however, require additional types of security measures.

Automated Patch Management – Patching operating systems and business applications is far too large a job to be done manually. A best-in-class MSP like Pulse Tech can conduct an inventory of all endpoints (workstations and servers) to collect the software version number and patch status of each installed OS and app. From there, we can schedule a regular, automated process to install patches during periods of low business impact.

Backup with ransomware detection – Leading backup and recovery solutions will automatically check every backup for evidence of ransomware activity. Backups suspected of being infected with ransomware will be flagged to prevent their use, and alerts will be sent to administrators via the portal and by email.

Protect your SaaS applications – Microsoft and Google will protect against server and network failures, but protecting against user errors and malicious employees is your responsibility. It is vital to protect data in SaaS applications such as Office 365, Google G Suite, QuickBooks, and Salesforce, because this data is not replicated by your data backup and disaster recovery appliances.

Intrusion monitoring – As was the case with Equifax, hackers who get past firewalls can spend months or years inside undetected while stealing your data. Intrusion monitoring tools can detect hackers, as well as malicious employees who pose an even larger threat, and alert you when they take actions such as giving themselves administrator rights or logging into servers at suspicious times.
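
To make the two alert conditions named above concrete, here is an added example (not taken from any particular monitoring product or from Pulse Tech) that flags off-hours logons and self-granted administrator rights, and raises the severity when the second follows the first. The event fields, group names, working hours and 30-minute correlation window are all assumptions, and the sample events are constructed.

```python
from datetime import datetime, time, timedelta

# Constructed sample events, not real logs; the field names are assumptions.
EVENTS = [
    {"ts": "2024-03-04T09:15:00", "type": "logon", "actor": "alice", "host": "srv-app01"},
    {"ts": "2024-03-04T02:47:00", "type": "logon", "actor": "bob", "host": "srv-db01"},
    {"ts": "2024-03-04T02:52:00", "type": "group_add", "actor": "bob",
     "target": "bob", "group": "Administrators"},
    {"ts": "2024-03-04T10:30:00", "type": "group_add", "actor": "carol",
     "target": "dave", "group": "Administrators"},
    {"ts": "2024-03-09T14:00:00", "type": "logon", "actor": "alice", "host": "srv-app01"},
]

PRIVILEGED_GROUPS = {"administrators", "domain admins"}  # assumed group names
BUSINESS_START, BUSINESS_END = time(7, 0), time(19, 0)   # assumed working hours
CORRELATION_WINDOW = timedelta(minutes=30)               # assumed window


def off_hours(ts):
    """True on weekends or outside the assumed business window."""
    return ts.weekday() >= 5 or not (BUSINESS_START <= ts.time() < BUSINESS_END)


def detect(events):
    """Return (rule, severity, actor, timestamp) alerts in time order."""
    alerts, last_odd_logon = [], {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        actor = ev["actor"].lower()
        if ev["type"] == "logon" and off_hours(ts):
            last_odd_logon[actor] = ts
            alerts.append(("off_hours_logon", "medium", actor, ev["ts"]))
        elif (ev["type"] == "group_add"
              and ev["group"].lower() in PRIVILEGED_GROUPS
              and actor == ev["target"].lower()):
            # A self-grant shortly after an off-hours logon is more suspicious.
            prior = last_odd_logon.get(actor)
            recent = prior is not None and ts - prior <= CORRELATION_WINDOW
            alerts.append(("self_granted_admin", "high" if recent else "medium",
                           actor, ev["ts"]))
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

A rule set like this only works once "business hours" and the privileged group list are tuned to the organization; an administrator adding someone else to a group, as carol does here, is deliberately not flagged.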

Unfortunately, cybercrime will not disappear from our connected world. Fortunately, there are new tools that can close entry points, detect suspicious activity, and recover infected files with minimal damage.

