Based on a recent survey conducted by the folks at Titaniam, a solid majority of organizations have robust security tools in place. Yet nearly 40 percent of them have fallen victim to a ransomware attack in the past year.
How can this be? With conventional tools in place, how can this still be happening?
The answer to that question is complex. Ransomware attacks ultimately have three different phases. Each phase must be protected against and in each case, the type of protection needed varies. Let's start by taking a closer look at the anatomy of a typical ransomware attack. They always begin the same way: Infiltration.
To do anything to your company's network, the hackers first must gain access to your network. Thus, your first line of defense is to keep that from happening.
The good news is that most companies have robust tools that are specifically designed to block unauthorized intruders. The bad news is that hackers can get around those tools entirely by stealing an employee's login credentials. That is how many of these types of attacks occur. Once inside, the hackers proceed with data exfiltration. Wholesale copying sensitive data and uploading it to a command-and-control server operated by the hackers.
From the perspective of the hackers, this is where the payday is. They know all too well that companies will pay handsomely to keep proprietary data from being leaked to the broader public, and hackers are only too happy to take full advantage of that fact.
This is where many companies are weak. To protect against data exfiltration, companies need to invest in three different types of encryptions. Encryption at rest, encryption in transit, and encryption in use. Most companies invest in one. A solid minority invest in two, but very few invest in all three. That creates a window of opportunity for the attacker.
Finally, the third stage is wholesale file locking. This is exactly like what you think it is. All the files that the malicious code can get to will be locked and encrypted. If you want them back, you must pay. Assuming you don't have a recent backup, of course. Even if you do have a backup, you'll pay in the form of downtime while you're restoring those files.
Understanding exactly how a ransomware attack is put together and how it functions is key to designing a security routine that will defeat it, preventing the attackers from ever gaining a foothold on your network.
If this tip helps and you would like to donate click on the button. Thanks In Advance
________________________________________________________________________________________________________
"Fortune Favors, Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
