Ransomware continues to be a daily headline in the news. In the past week, we have seen Honda, CFO, and Microsoft. In 2019,the Internet Crime Complaint Center (IC3) received 2,047 ransomware complaints, with losses over $8.9 million.
To prevent ransomware from infecting an organization, deploy SecureCircle and an Endpoint Detection and Response (EDR) solution such as Crowdstrike. SecureCircle will ensure that unauthorized users cannot access any data that leaves an organization.
EDR will block known ransomware and stop the execution of ransomware via unpatched vulnerabilities. SecureCircle and EDR provide a productive ransomware protection solution.
There are a few types of ransomware attacks.
Crypto ransomware encrypts valuable files on a computer so that the organization cannot access them. Thieves ask for money to get their files back Locker ransomware does not encrypt files. It locks the victim out of their device, preventing them from using it.
Data theft ransomware may or may not encrypt the data on a computer, but it will transfer the data to an offsite location. The thieves ask for money to not release the data to the public.
SecureCircle prevents data theft attacks such as the Grubman Shine Meiselas and Sacks law firm. Data is always protected, and if data transfers to an offsite location, it would be protected, and the thieves would not have any access to the content. Celebrity legal content would not be published online.
Remediate the crypto and locker types of attacks with proper backup solutions. Backups need to be isolated, so the attack does not compromise the backup data. The retention window needs to be long enough that clean backups are available. While restoring data can take time as well as reimagining computers to remove the attack, this option provides a viable path to recovery.
SecureCircle recommends companies do not pay ransoms. There is no guarantee paying payments will return data. Only 26% of US companies paying the ransom got their files unlocked.
Companies have been desperate to find solutions to ransomware attacks, including using decrypters found on the web. This week a fake STOP Djvu ransomware decryptor was found that deploys new ransomware.
Paying a ransom or reversing the ransomware should not be relied on to keep organizations safe. Instead, prevent ransomware with SecureCircle and a proper EDR solution.
Written by Davin / SecureCircle