How do I protect my company from data loss from phishing and ransomware attacks?
It was just an email…
James from accounting receives an email from Sue downstairs in payroll. She asks him to “Make sure these financials look okay before submitting. See the file attachment (info_217.zip)”. It looks odd, and something sounded a bit familiar from that data protection memo he saw a while back, but heck, it’s from Sue; they have known each other for years! James opens the file, and nothing happens. He figures Sue must have sent a bad file, and calls down to her. She is perplexed by this because she didn’t send an email.
Meanwhile...malicious activity may already be done…
It is during this time that the help desk starts receiving calls from users that are unable to access files on the 3 TB company share folder. James then gets a pop-up on his screen stating that his files are encrypted and inaccessible. The demand of this ransom is to pay a “large sum” of money within 4 days to receive an encryption key that will unlock the files. Otherwise, they will remain permanently locked.
There are very effective prevention and response actions that can significantly mitigate the risk posed to your organization."
Containing the threat…to minimize data loss...
The attacker was able to spoof the email address of the company and message another staff member, making it appear as if it were an internal email request. Once the damage was done, all the IT staff can do is stop the threat from spreading to other systems internally and put their trust in their data recovery planning. The ransomware infected James’ PC and 2 other servers. All three were identified and were cordoned off from the network. Management was made aware that the amount of “ransom” money required to obtain the encryption keys (if they even EXISTED) would be in the tens of thousands of dollars.
Coming to the rescue...with proven data protection…
Realizing that they don’t have the budget for any kind of payout, management asks the IT manager what can be done and how many days it will take to recover the encrypted/inaccessible data. Thankfully, the IT staff has a STORServer Appliance protecting their data. The backup administrator is able to explain to management the encrypted data can be restored very easily and quickly. In fact, one of the servers is a virtual machine, and is able to spin up from backup to be used in a matter of minutes.
Ransom attacks are very real and require sophisticated data protection
Don’t be a victim! Your STORServer reseller or channel manager can help you create a data protection plan to shield you from malicious hackers and other potential threats that could impact your business.
STORServer is always ready to help you avoid being the next victim of ransomware. See how we can simplify data protection for your enterprise operations.
“Don't be fooled by the drop in overall ransomware attacks this past year: Fewer but more targeted and lucrative campaigns against larger organizations are the new MO for holding data hostage… more than 80% of ransomware infections over the past year were at enterprises, as cybercrime gangs began setting their sights on larger organizations capable of paying bigger ransom amounts than the random victim or consumer.”Ransomware's New Normal