2016: The year ransomware brought data protection and IT security together

Posted by Mike Vizard on Dec 29, 2016 11:10:54 AM

Most managed service providers will remember 2016 as the year data protection was tightly coupled with IT security for the first time, thanks to the rise of ransomware. The idea that data protection and IT security should be linked has been around for decades. But, it wasn’t until IT organizations realized that the only effective defense against ransomware is to have access to pristine unencrypted copies of data that data protection became a real element of IT security defense strategies.

The challenge going to in 2017 is figuring out how to augment those defenses at a time when ransomware is on the cusp of becoming even more lethal. Cybercriminals have already figured out how to attach the malware they use to encrypt data to self-propagating worms that have the potential to spread ransomware across hundreds of machines in a few short hours.

Read More

Topics: Malware

Ransomware is now a $1 billion industry

Posted by Mike Vizard on Dec 20, 2016 10:29:32 AM

A new ransomware report from IBM Security finds that nearly one in two business executives have experienced ransomware attacks in the workplace, and 70 percent of those executives said their company has paid to regain access to encrypted data. In fact, half of those that have paid a ransom paid more than $10,000, with 20 percent admitting they paid more than $40,000.

In addition, the report finds that nearly 60 percent of respondents indicated they would be willing to pay a ransom to recover data, and 25 percent said that depending upon the data type they would be willing to pay between $20,000 and $50,000 to regain access.

Only 29 percent of small businesses surveyed have experienced ransomware attacks, though, compared to 57 percent of medium-size businesses. But accounting for both business and consumer victims, the FBI now estimates that ransomware is already a $1 billion industry.

Read More

Topics: Malware

Calculating the cost a ransomware attack

Posted by Mike Vizard on Nov 29, 2016 10:37:17 AM

On average, it takes an organization 33 man hours to recover from a ransomware attack. That’s the benchmark identified by a survey of 500 IT security professionals conducted by the market research firm Vanson Bourne on behalf of SentinelOne, a provider of endpoint protection software.

Naturally, the actual amount of time can vary based on the number of people an organization might have available to throw at the process. But, the report does give managed service providers (MSPs) some insight into what they need to be able to beat to make a case for taking over backup and recovery.

Read More

Topics: Malware

Ransomware’s growing impact on healthcare security and HIPAA compliance

Posted by Anne Campbell on Nov 9, 2016 1:18:53 PM

Ransomware skyrocketed in 2016, with the FBI reporting an average of 4,000 ransomware attacks per day — a 300-percent increase since 2015. This has been especially bad news for healthcare organizations, which have been hit hard by this type of cyberattack that works quickly to encrypt files and then holds them hostage until a ransom is paid.  

In February, one of the first widely reported hospital ransomware attacks targeted Hollywood Presbyterian Medical Center in California, forcing the hospital to pay roughly $17,000 in ransom and resort to pen-and-paper record keeping until their files could be restored.  Since then, numerous hospitals and healthcare organizations around the country have faced similar attacks. For example, MedStar Health, which operates 10 facilities in the Baltimore-Washington region, was hit with ransomware, but it was able to recover without paying the ransom because it had backups in place for the encrypted information.

Read More

Topics: HIPAA and Healthcare IT, Malware

Ask Intronis: What are the newest trends in ransomware?

Posted by Lauren Beliveau on Oct 17, 2016 7:30:00 AM

Q: Ransomware seems to be running rampant. A couple of my customers are concerned about how fast it’s growing, and I was able to put some extra precautions in place to protect them. I want to make sure we stay ahead of the problem, though. What are the newest ransomware threats I need to make sure our customers are aware of?

Scouring the Internet on a regular basis and learning about the new strains of ransomware can be tiresome—and almost impossible when you’re busy running your MSP business. However, it is important to keep up with these kinds of trends and know which threats you need to mitigate.

To help shed some light on the newest ransomware trends, we consulted Senior Partner Support Engineer Paul Hanley. Paul works closely with our MSP partners and stays up-to-date on all the latest security threats. He shared with us not only the newest threat to emerge but also the best practices that should be put in place to protect your customers from it.
Read More

Topics: Malware, Ask Intronis

Ransomware moves into the cloud

Posted by Mike Vizard on Oct 13, 2016 1:00:00 PM

One of the assumptions many people make about cloud services is that someone is responsible for maintaining security of the environment. That’s true as far as the service itself is concerned, but any data loaded onto those cloud services is still going to be subject to the same malware infections that IT organizations have to deal with on premise. When an end user loads a file that has been infected with, for example, ransomware, that malware travels with the file into the cloud.

In fact, a recent report from Netskope, a provider of cloud security software, finds that on average there are 26 pieces of malware found in cloud applications across an organization.

Read More

Topics: Malware

Ransomware Highlights the Need to Manage Data Protection as a Process

Posted by Mike Vizard on Sep 8, 2016 11:26:31 AM

Under the heading of an ill wind always blows some good, the rise of ransomware has certainly moved data protection up the IT agenda. There are very few IT organizations these days that are not at the very least considering what they might need to do should all the data the organization depends on suddenly be become encrypted by cybercriminals demanding money for the keys needed to decrypt that data.

Read More

Topics: Malware

Ransomware driving backup and recovery conversations for MSPs

Posted by Mike Vizard on Jul 26, 2016 10:14:37 AM

Backup and recovery may not have always been the sexiest of IT topics, but thanks to the rise of ransomware it is now one of the hottest.

The single most effective defense against ransomware is an ability to recover an organization’s data from an unencrypted data source. Otherwise, most organizations wind up paying a fee to recover data that has been encrypted by cybercriminals who typically used social engineering techniques to trick an end user into downloading a file loaded with malware.

Read More

Topics: Malware

Cerber ransomware targets Microsoft Office 365 users

Posted by Anne Campbell on Jun 30, 2016 3:58:24 PM

First identified back in March, Cerber ransomware made headlines again recently after reportedly targeting Microsoft Office 365 users through a large-scale zero-day attack.

Outside estimates say the email was sent to millions of Office 365 users and that it took Microsoft more than 24 hours to block. Microsoft responded through a spokesperson, telling SC Magazine that Office 365 malware protection identified the threat and was updated within hours and that only a small amount of users were targeted.

Cerber is still a serious threat, though, and MSPs need to know how to protect their SMB customers from this ransomware strain that appears to be on the rise.

Read More

Topics: Malware

TeslaCrypt closes doors, offers master decryption key

Posted by Paul Hanley on May 20, 2016 8:59:08 AM

In a surprising turn of events, notorious ransomware TeslaCrypt seems to be no more.

Read More

Topics: Malware

MSP Health Check
MSP Phishing Quiz
MSP Marketing Assessment
Intronis Local Lunches