Tag

ransomware Archives - Page 2 of 2 - thinkCSC

May 09
0
robbinhood ransomware

Municipalities Under Threat from RobbinHood Ransomware

By | BDR, Cybersecurity, Ransomware | No Comments

Baltimore is the latest city government to fall victim to ransomware, for the second time in as many years. The city’s systems have been locked up since May 7 after being attacked by “RobbinHood” ransomware.

While the mayor is refusing to negotiate with the hackers or pay the 13-bitcoin ransom they’ve demanded, many of the city’s networks have been compromised, including police email and board of elections.

What Is RobbinHood Ransomware?

RobbinHood ransomware is a ransomware that targets an entire network and attempts to take over as many systems as possible. Once infected with the ransomware, it demands bitcoin payment in order to release the files. In the case of Baltimore, they’ve requested demanded $17,600 in bitcoin per system — a total of about $76,280, according to Dark Reading.

How Do You Get RobbinHood Ransomware?

Like other ransomware, the RobbinHood hackers gain access to an organization’s network through phishing emails that are deliberately designed to appear legitimate to the recipient of the email. In the case of Robbin Hood, they use several psychological tricks to compel the email recipient to click on the link that begins the encryption process. Prior to the attack on Baltimore, they successfully infiltrated Greenville, North Carolina networks.

Stop Clicking Links and Downloading Files

Email is a convenient method for communicating and has made business operations so much more efficient, but every employee in every organization has an obligation to stop clicking on links and files. If there is any doubt whatsoever about the legitimacy of the email (and even if there is not any doubt) follow up in person or over the phone with the sender to make sure they actually sent the file.

What to Do If You Get Ransomware

If you believe your network has been infected with ransomware, or if you have received a ransom demand, immediately disconnect from the network and call your IT department or managed services provider. In many cases, you can prevent the attack from getting worse by removing access to the network by the infected system.

Don’t Pay the Ransom

Paying the ransom only fuels the motivation of hackers to continue holding businesses hostage. Instead, make sure you have mitigated your risk by having a disaster recovery and data backup plan in place. Regular offsite backups can protect you from needing to pay a ransom to gain access to your network.

If you are concerned about the threat of RobbinHood and other common ransomware threats, contact us to learn more about how you can improve your security and better protect your organization. As you can see, every organization – from schools and hospitals to municipalities and utilities to businesses of every size – are at risk.

At thinkCSC, we take security seriously, offering innovative levels of security monitoring for our clients. Cyber threats are a normal part of doing business, but these risks can, and should, be addressed and abated. Partnering with the right managed services provider does make a difference. Today’s MSP does more than just provide technology and facilitate server upgrades; the right MSP is an integral layer of your cybersecurity, providing the expertise you need to remain competitive, secure, and in business. We can partner with your Columbus-region organization to develop a unique solution designed to fit your business model. Take the first step towards advanced cybersecurity practices and contact us today to learn more about our managed security services.

Feb 16
0
ransomware threats

The Biggest Ransomware Threat is Coming

By | BDR, Data Security, Ransomware

We have all seen ransomware become more sophisticated, regardless of where we live or work. And the cyber assaults seem to be never ending. Just as security and protocols are developed to keep your network secure, hackers use ransomware to go after educational institutions. As colleges and high schools work quickly to develop offsite backup and recovery solutions to protect them from having to pay ransoms in order to access their data, government offices became the target.

Ransomware Threats Are Growing

Even as technology has made us more efficient and more capable, it has also made us more vulnerable when we don’t implement the right solutions to protect our homes and businesses from these types of attacks. And the biggest threat from ransomware is yet to come: infrastructure threats.

Consider what has happened so far:

  • Hospitals and other medical facilities are being targeted. In 2016, hospitals were specifically targeted using Locky ransomware, with one LA hospital paying a $17,000 bitcoin ransom to access their files.
  • Utilities are at risk. In April 2016, the Lansing Board of Water & Light (BWL) in Michigan was the victim of a ransomware scheme that has cost the utility nearly $2 million.
  • Guests held hostage. In a unique display of cyber hacking, a luxury hotel in Austria was forced to pay an $1,800 bitcoin ransom after hackers accessed the hotel room keycards and locked the guests out of their rooms.

It’s likely that the next threat will be even more insidious, as hackers develop methods for compromising entire systems. Georgia Institute of Technology, recognizing the risk to programmable logic controllers (PLCs), developed ransomware with which they could take control of a simulated water treatment plant, gaining access to PLCs to control valves and additives, and even create false readings. While this was a simulation designed to help understand how to prevent an attack, the risk is real.

Act Now to Prepare for any Ransomware Threat

Businesses of all sizes and in all industries, government entities, schools K-16 and beyond, and individuals must all do their part to prevent ransomware. We must become far more selective about the emails we open, read, and forward, giving special attention to the links we click and the attachments we open. We must invest heavily in better security, from virus software to endpoint detection. We must all take steps to thwart hackers.

At thinkCSC, we believe that in order to achieve maximum success, regardless of the size or type of organization, you must make IT an integral part of your overall business strategy and partner with IT professionals who not only understand how to leverage technology to their advantage but who are also committed to understanding your business goals and aligning your IT strategy to them. We pride ourselves on having the best business-savvy technical experts in the industry. If you would like to learn how to create an IT security strategy aligned with your organizational goalscontact thinkCSC for more information.

Jan 12
0
ransomware is not going away

Ransomware is Not Going Away, but BDR Will Keep You in Business

By | Data Security, Email Security

Ransomware attacks continue to outpace cybersecurity efforts, threatening your organization’s most essential files. Thousands of employees, users, and clients click links and download files in emails, and no matter how cautious you urge them to be, a single toxic file is capable of bringing down your entire network. This threat is not going away, but your business can still employ its best defense and avoid a worst-case scenario.

Data is key to the success of your business

Businesses today rely heavily on data, but many of these businesses continue to operate without crucial protection. According to Datto’s State of the Channel Ransomware Report 2016, ransomware attacks on small businesses are becoming more frequent; 91 percent of the managed service providers they surveyed reported clients victimized by ransomware. Furthermore, findings indicated that the most common impact of ransomware was not simply loss of data, but business-threatening downtime that crippled productivity.

How do you convey to every single employee what ransomware looks like? How do you teach every client to not fall prey to a scam? You can start with educating and training employees about good security practices, urging them to download the thinkCSC email security guide. But training is not enough to protect your data from ransomware.

Backups can save your business

So what can your business do to protect itself? Backup and Disaster Recovery (BDR) is the best – and possibly only – protection against ransomware. If budget constraints are your main concern, then realize that the cost of implementing BDR is miniscule compared to the financial impact of an attack. Datto’s Ransomware Report estimates down-time costs at $8,500 per hour, which adds up to $75 billion per year. BDR allows you to:

  • Automatically back up and store data
  • Minimize downtime quickly after an attack
  • Avoid paying ransoms if an employee inadvertently introduces ransomware into your network

BDR makes it easy to maintain several copies of your data; as well, you can backup and store your data somewhere physically separate from your network. With the assistance of a managed service provider, your business can take extra steps for protection:

  • Testing backups to ensure that data is recovered properly
  • Manage passwords and user permissions
  • Take all necessary steps to ensure that your cyber security practices are air tight

Good cyber security practices involve steps that do more than try to avoid ransomware. Recognize that no matter how many layers of security you implement, there is virtually no fail-safe measure to safeguard against ransomware attacks. Ransomware is insidious in its ability to continue evolving to better dupe unsuspecting recipients into clicking a link or downloading a file.  Rather than gamble with the security of your data in the hope that it will never happen to you, be prepared with offsite backups that house and maintain all your sensitive data. BDR is a peace-of-mind measure that could save your business. Contact thinkCSC to learn more.