cybersecurity
Mike Barlow

Tackling the Top 3 Cybersecurity Hassles for MSPs

/in , , /by

As someone who has worked in the technology space for over a decade, I often hear from Managed Service Providers (MSPs) who are frustrated by the amount of research, problem-solving time, and day-to-day management that is required to provide comprehensive cybersecurity to their clients. Adequately protecting clients from the growing landscape of cybersecurity threats gets more challenging every day.

For service providers, most of their pain points center around three areas:

  • Tools: Working with multiple platforms and disjointed software products is complex. It’s frustrating and time-consuming for MSPs when cybersecurity tools do not integrate well or talk to each other.
  • Technology: Cybersecurity technology is constantly changing. It’s time-consuming and challenging for many MSPs to stay on top of all the latest product developments, new tech, and best practices that will help them stay ahead of threats and protect their clients.
  • Talent: Today’s MSPs have a lot on their plates, and their teams are overwhelmed. Many providers don’t have in-house cybersecurity experts or 24/7 resources to provide robust prevention, management and remediation of threats.

Finding the right support

The good news is that MSPs don’t have to battle these frustrations on their own. Finding a cybersecurity partner can relieve your team’s cybersecurity fatigue while making sure your clients are protected.

The right partner can take on the burden of researching and selecting the right cybersecurity software tools for your business, as well as managing the solution after it is installed. Make sure you choose a cybersecurity solution that utilizes enterprise-grade, constantly updated tools and software.

It is also helpful to work with a partner that has strong and influential relationships with software and technology providers—especially when quick product support or remediation is needed.

For example, Ostra’s proprietary infrastructure and architecture offers a comprehensive 24/7, 360-degree cybersecurity package that leverages the most secure and proven platforms available today. We configure the very best and latest technologies into one easy-to-install platform, which enables our partners to protect their clients with a simplified solution.

If you are the one responsible for addressing the cybersecurity needs of your organization, it is common to become exhausted by research. It takes time and patience to stay on top of the latest software products, tools, and services on the market.

This is why a holistic, layered approach to cybersecurity is needed. For more details about what this involves, I highly recommend this blog that covers “7 Cybersecurity Must-Haves,” written by Ostra’s founder, Michael Kennedy.

Why is layered cybersecurity essential?

The field of cybersecurity is broad, deep, and ever-changing. Covering all of your clients’ cybersecurity gaps can be a challenge for MSPs—especially with so many technology silos and specialty areas to navigate.

For example, it’s important to think about 24/7 SOC & SIEM coverage, email threat protection, endpoint security, the right firewalls, VPNs and more for your clients. You’ll also want to make sure your solution is backed by human expertise to make the best decisions and act on threat intelligence.

That’s why a layered, proactive approach is essential to protecting small businesses and medium-sized companies from cyber threats. This will help you eliminate threats that others do not—which gives your SMB a competitive advantage.

Partner up for best results

As an MSP, it’s vital to have a cybersecurity expert in your corner, whose advice and quick response you can count on to support your business.

Industry trends show that MSPs are relying more and more on MSPs to separate cybersecurity responsibilities from the rest of the things IT departments are covering, and to make things easier. For example, this Rasmussen University article lists some common cybersecurity problems that most organizations face—including treating cybersecurity like just another IT issue. And this Tech Republic article, “The Rise of the CISO,” illustrates why cybersecurity is its own animal, and can’t just be expected to be absorbed by IT. It needs dedicated resources that can adequately address security threats.

When it comes to a partnership model, Ostra takes a unique approach. Rather than simply signing up channel partners and their customers, Ostra is intentional about partnering with a variety of IT service and solution providers—creating a network that can cover the full range of client and industry needs. This allows Ostra to provide our clients with trusted referrals for their other IT requirements, which also helps our partners grow.

Ostra is committed to helping our network of consultants, IT and Managed Service Providers enhance value for their small to medium-sized business clients by offering comprehensive data protection solutions. Our technology suite—combined with the service expertise of our channel partners—delivers a comprehensive solution that meets the unique IT challenges facing business owners today. Contact Ostra to explore the benefits of partnering with us.

Are you ready for a hassle-free way to provide comprehensive cybersecurity to your clients? Learn how to become a partner today.

Ostra Cybersecurity

Why SMBs are hot targets for ransomware (and how to avoid becoming a statistic)

/in , /by

Although today’s businesses of every size are busy navigating data security issues, cybercriminals know that small and medium-sized businesses (SMBs) are even more vulnerable.

In the U.S. alone, there are 32.5 million small businesses—defined as having fewer than 500 employees. They make up about 99.9% of all U.S. businesses (Small Business Administration, 2021). For cybercriminals, that’s a wide-open field of prime targets for ransomware.

Why are SMBs more vulnerable? There are several factors, including:

  • Smaller IT/security staff and infrastructure
  • Lack of awareness or knowledge about how to protect themselves
  • A false sense of security (e.g., “criminals only target huge companies”)
  • Belief they cannot afford to implement the same robust safety measures as larger firms

Some SMBs rely on consumer-grade, off-the-shelf solutions to protect their data. But SMBs deserve a better approach to protecting one of their most valuable assets—their data, and their customers’ data. Read more about why cybersecurity should be on every business owner’s radar.

Know Your Risk

Consider these alarming statistics about the impact of cyberattacks on SMBs:

1Coveware Marketplace Report (Q4 2020). 2 Coveware blog: Size of Companies Impacted by Ransomware in Q2 2021 (July 2021). 3 Corporate Compliance Insights blog (June 2020) and 2020 Incident Response & Data Breach Report by Crypsis. 4 Stats found on www.coveware.com for Q1 2021 ($220,298), Q2 2021 ($136,576) and Q3 2021 ($139,739) indicate the average payment in Q1-Q3 was $165,53.

Here are a few additional facts that show why it’s important for SMBs to protect their data:

  • 42% of small businesses were targeted by internet criminals in 2021. Source: Embroker
  • 2 out of 5 SMBs have fallen victim to a ransomware attack. Source: Datto’s 2020 Global State of the Channel Ransomware Report
  • 47% of small firms (1- 50 employees) and 63% of medium sized firms (50-249 employees) experienced one or more cyberattack in 2019. Source: Hiscox Insurance
  • Over 4,000 ransomware attacks PER DAY took place around the world in 2021. Source: TechJury/ FBI
  • 66% of SMBs experienced a cyber-attack in 2019; and yet 45% of SMBs surveyed said that their processes are ineffective at mitigating attacks. Source: Ponemon Institute
  • There were 226.3 million global ransomware attacks between January and May 2021, an increase of 116% year-to-date over 2020. Source: SonicWall

From Big to Middle

According to Coveware, an incident response and recovery firm, ransomware continues to affect small businesses disproportionately because “the profits ransomware actors generate are too high, and the risks are too low.”

In their October 2021 article, Ransomware attackers down shift to ‘Mid Game’ hunting, Coveware stated:

“In Q3 almost 44% of attacks impacted businesses with between 101-1,000 employees, up from 38% in Q2, reflecting threat actors potentially shifting from Big Game Hunting to Mid Game Hunting.”

Awareness Inspires Prevention

Many ransomware perpetrators try to gain access to data through human error, weak or compromised passwords, or even by attempting to get a company insider to assist them. That’s one reason that Ostra advises SMB clients to raise awareness among employees about data security. Staff who are trained, aware and committed to data privacy can provide an invaluable layer of defense against ransomware.

For an inspiring example of this, read Ostra’s blog about a vigilant Tesla employee who helped prevent a massive ransomware attack at the company. Admittedly, Tesla is definitely NOT a small business—but the same principle of being prepared can benefit SMBs as well.

The Ransomware Attack that Sparked Ostra

Cybersecurity trailblazer Michael Kennedy started Ostra Cybersecurity after a ransomware attack wreaked havoc on his friend’s small business. Read the full story here.

Ostra was founded with the belief that SMBs should be able to access the robust, layered data protection tools and strategies that the world’s largest companies rely on. Ostra’s managed cybersecurity solution offers Fortune 100-caliber, 360-degree protection that allows companies of all sizes to protect their most valuable asset—their data.

Ready to learn more about how to prevent ransomware and other cyber threats from impacting your company or your clients? Contact Ostra today.

Ransomware Attack
Michael Kennedy

The Ransomware Attack that Sparked Ostra Cybersecurity

/in , /by

With cyber-attacks and security breaches on the rise, the need for better cybersecurity solutions and reputable data protection services is no longer something to “think about for the future.” While large companies spend millions of dollars protecting their digital assets, small and mid-sized companies struggle to find solutions that work and are both affordable and maintainable.

The market is full of “free” and “low-cost” tools that trap business owners – requiring them to purchase additional products and services to maintain security, or actually infecting their systems with malicious viruses designed to steal their information. Too many small businesses take steps to protect themselves only to learn software they trusted has led to a virus, ransomware attack or keylogger data theft. The challenge is real, and it became our mission to develop a solution to protect the little guys.

With a background in IT project management, mergers and acquisitions, leadership consulting, and organizational development – I enjoy finding new ideas and building new businesses. But cybersecurity was not on my radar until I led a $100 million global security initiative for a Fortune 10 company. A combination of industry connections and personal experiences challenged me to protect small businesses from the growing threat of online attackers.

Listening to the industry beg for knowledge of how to prevent ransomware and seeking affordable data protection services motivated me to develop a better way for companies of all sizes to have effective cloud data protection.

The Ransomware Attack that Sparked Ostra Cybersecurity

Several years ago, while sitting around a firepit at deer camp, a good friend began sharing a story about the cyberattack his company was currently facing. His company was in the midst of a ransomware event – someone was holding their data hostage for payment. I was asking him questions like, “What are you going to do? How will you stop it?” His reply stopped me in my tracks. He said there’s nothing they could do … they simply had to pay the ransom.

Digging further I learned he had called the FBI, but unfortunately the ransom amount was “small enough” that it wasn’t something the FBI would pursue. My friend’s company paid several hundred thousand dollars to get their data back. That ransomware attack could have been prevented if smaller companies only had access to the same security protection as the Fortune 100.

I do not consider myself a cybersecurity expert, but I am extremely passionate about taking care of business data the same way I want to protect my own family and friends. Listening to him struggle with a ransomware attack that was preventable, entirely avoidable – that really solidified it for me. We need to educate people. We need to provide the tools. There IS a better way for small business to be protected … it just requires the right layered approach to security.

Listen to Ostra Cybersecurity’s origin story in this video blog >>

Ostra’s Beginnings

Tapping into the knowledge and expertise of my professional connections, I began to evaluate how the small business market was looking at cybersecurity. To my chagrin, the market was flooded non-cohesive solutions for security assessments, virus software, and firewall and endpoint protection. You would never find a Fortune 100 company using bits and pieces of cybersecurity, and certainly not trusting free tools.

This is why Ostra Cybersecurity was founded – to build a company on a mission to provide big company tools in a cost-effective and manageable way for every company to adopt and manage. The tools are available, but the know-how to bring them together in a suite of services that is affordable for companies of all sizes … that was the challenge.

Our goal is to enable small to medium-sized business to have the cybersecurity protection we see larger organizations spend millions on each year. Even better, to put our combined cybersecurity solution in the hands of the most reputable companies serving small businesses with IT solutions means that Ostra Cybersecurity’s positive impact for small business owners multiplies. We are taking down the barriers that stop small businesses from protecting their data, their systems, their employees and their customers.

The Concept Behind Ostra’s “Suite of Services”

ostra-cybersecurity-suite-of-servicesBack to the idea of protecting your home with a security system … if you put locks on the windows and doors, but then leave them wide open – your home is not secure. Many of the so-called “enterprise” solutions are like door locks – they only work if they are engaged. We believe in layered solutions that watch and pay attention regardless of whether the window or door is locked … that let you know if you’ve left something open.

We’ve designed a system – a suite of services – providing small and mid-sized companies real protection, just like the big guys deliver for the Fortune 100. We have multiple security tools in place, run constant simulations, have firewalls watching for types of malware, IPS (intrusion prevention system), anti-virus solutions, email security protection … and we have all these systems talking to each other in real-time. THAT is layered data protection services that work for small business.

Avoid Cyber-Actors, Follow Industry Leaders

Many companies push their enterprise-level solutions, enterprise meaning sized for Fortune 500 or Fortune 1000 level organizations and not sized for small to medium-sized business, or home office solutions. Additionally, lesser solutions promote themselves as “enterprise” even when they don’t meet the standard set by industry-leading technology groups and independent researchers like Gartner.

In March 2021, Gartner published a digital article called “Organizations who recognize the value of a security leader, but can’t afford a traditional CISO should consider virtual options.” This article discusses the emerging recognition of smaller companies to be more strategic regarding cybersecurity and the necessity to have a leader, a CISO, responsible for guiding company cybersecurity protocol.

A CISO is the chief information security officer for a company – large companies can easily pay the $200 – $500K average salaries for these strategic security leaders, but what about companies that can’t? Gartner’s article goes on to encourage smaller companies to consider a “virtual CISO,” and lists ways that companies can pursue industry standard cybersecurity at an affordable price.

(From Gartner Article) At the most basic level, virtual CISO offerings are a hybrid of:

  1. Traditional staff augmentation, involving an on-site or virtual presence in meetings, events, operations and strategy planning
  2. Consultative engagement and management to drive creation and implementation of security and risk program artifacts, such as strategic and tactical roadmaps, architecture and policy, and to run risk management and risk assessment processes
  3. Project management of architecting and deploying security and risk solutions
  4. Coaching or advisory services to train full-time staff on how to leverage created artifacts, develop communicating plans and train the next generation of security and risk leaders

Ostra Cybersecurity – Solving Problems Before They Happen

With Ostra Cybersecurity comes a team of experts in the field of relationship management, IT integrations and decades of combined cyber security expertise. We operate behind the scenes to protect businesses by managing Detection and Response before threats get in. This saves our clients time and tens of thousands of dollars dealing with costly problems associated with simply reacting to threats and data breaches after they occur.

Ostra makes it manageable for small companies to have access to Fortune 1000 services and to understand how to prevent ransomware from infiltrating their systems. We provide cloud data protection to avoid the various types of malware. Waiting until an attack happens isn’t a sound strategy, and we have made it our mission to provide data protection services to companies of all sizes.

By making cybersecurity technology simple, comprehensive and accessible to business of all sizes, Ostra is helping create a world with greater data privacy and protection for all of us.

Start taking a proactive approach to cybersecurity by scheduling a free security audit with our expert team today.

Cybersecurity: Frequently Asked Questions

What is cybersecurity?

Cybersecurity is the protection of computers and systems from attacks. Just like protecting your home by investing in a security system with cameras and sensors, cybersecurity protects your company’s systems, computers and data from hackers. The right solution will protect your personal information, customer lists and financial details from “cyber actors” who are constantly roaming the web looking for unprotected assets. Mike Kennedy, Founder of Ostra

What is ransomware?

Want to understand how to prevent ransomware? It starts with understanding the threat. The Cybersecurity and Infrastructure Security Agency (CISA) defines ransomware as: an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.

What are the types of Malware?

According to Cisco, Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Examples of common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware.

What is cloud data protection?

Companies large and small still struggle with the idea of data protection services, specifically cloud data protection. Is my data really safe in the cloud? Norton answers questions about cloud safety in this excerpt from Cloud Security: How Secure is Cloud Data?

The data that you save with cloud service providers may likely be safer than the information you’ve stored in your computer’s hard drive. Remember, hackers can use malware and phishing emails to get the information stored on your own devices. They might freeze your computer, demanding a ransom before they’ll release the files and data they’ve frozen.

The security measures undertaken by larger companies providing cloud services are likely to be more robust and powerful than what you have protecting your home computer and devices.

types of malware
Ostra Cybersecurity

11 Types Of Malware + How To Detect & Remove Them

/in , /by

Taking care of your business’s data and sensitive information means staying vigilant against cybersecurity threats at all times. This is made more difficult each year, as new types of viruses, technologies, and methodologies for cybercriminals are created. For example, since its inception in the 70s, many variants of malware viruses have been created, amplifying the danger of cybersecurity threats for small and medium-sized businesses.

To help defend your organization against malware, we’ve crafted this guide of 11 of the most common types of malware and how to effectively get rid of them.

11 Types of Malware: How They Get in Your System, What They Do, & How to Get Rid of Them

types of malware

1. Ransomware

How it Gets in Your System: Phishing emails that contain malicious downloads or attachments are often the source of ransomware.

What it Does: Blocks access to a computer system or computer files until a sum of money is paid.

How to Get Rid of it: Unfortunately, paying the ransom is the easiest way to remove this malicious software. This makes prevention all the more important.

2. Spyware

How it Gets in Your System: This type of malware gets in through drive-by-downloads or another inadvertent action by an internal employee—such as clicking on a link in a phishing email.

What it Does: Steals internet usage data and sensitive information (credit card and bank account information, PII)

How to Get Rid of it: A spyware removal tool can be used, depending on the severity of the infection. More drastic actions may need to be taken if the virus is robust.

3. Adware

How it Gets in Your System: Enters via malicious apps or pops-ups that take advantage of browser vulnerabilities.

What it Does: Bombards your devices with unwanted advertisements on your computer, attempting to get you to download malicious software.

How to Get Rid of it: In some instances, you can simply uninstall the adware. With more serious adware issues, you’ll need to use anti-adware software to get rid of it.

4. Malvertising

How it Gets in Your System: An employee clicking on malicious ads that appear legitimate will cause malvertising to be downloaded onto the system.

What it Does: Attempts to inject malicious code that installs malware or adware on the user’s computer.

How to Get Rid of it: Delete any files that were downloaded, use a virus scanner, and eliminate. In some instances, you’ll need to work with a cybersecurity team to totally rid the computer of the virus.

5. Trojan Malware

How it Gets in Your System: A trojan virus will typically enter a system through a piece of malware attached to an email. The file, program, or application appears to come from a trusted source.

What it Does: Damage, disrupt, steal, or in general inflict harmful action on your data and network.

How to Get Rid of it: Installing an antivirus program that will search, isolate, and remove the virus is one of the best ways to get rid of a trojan virus.

6. Fileless Malware

How it Gets in Your System: Phishing emails are a common culprit for fileless malware. Unlike many other viruses, fileless malware doesn’t touch the hard drive but instead embeds itself into the memory.

What it Does: Gains access to your secure data and exploits it.

How to Get Rid of it: Fileless malware can be particularly difficult to purge from your system. Preventative measures are a must for this type of malware.

7. Worm Malware

How it Gets in Your System: Traditionally gains access to a system through a phishing email. It can also be inadvertently downloaded online.

What it Does: As a self-replicating virus, worm malware can quickly spread and wreak havoc on a company by gaining access to their valuable and private data.

How to Get Rid of it: Using a dedicated removal tool will assist in eradicating a worm virus in your system. If the virus has spread too fast, you may need to bring in some outside help.

8. Mobile Malware

How it Gets in Your System: Mobile malware is exactly what it sounds like—malware that gains access through a mobile device. This can be done by drive-by-downloads, trojan viruses, mobile phishing, and browser exploits.

What it Does: Gains access to private information and data.

How to Get Rid of it: Restoring your phone from an earlier back-up can potentially rid your mobile device of the malware.

9. Rootkit Malware

How it Gets in Your System: Often derive from unintentional downloads online. They are designed to remain hidden on your computer.

What it Does: Remotely control your computer to gain access to your system and data.

How to Get Rid of it: Because rootkit malware is difficult to detect and get rid of, this is another type of malware where prevention is key.

10. Keylogger Malware

How it Gets in Your System: Phishing emails and trojan viruses are two of the more prevalent ways in which keylogger malware infects a computer.

What it Does: A keylogger is a type of spyware that can be used to track and log the keys you strike on your keyboard, capturing any information typed—including PINs, credit card numbers, usernames, passwords, and more.

How to Get Rid of it: Anti-rootkit software is oftentimes your best bet when dealing with keylogger malware.

11. Bot Malware

How it Gets in Your System: Malicious pop-up ads or the downloading of dangerous software from a website are often the starting points of bot malware.

What it Does: Bot malware is a self-propagating malware capable of infecting its host and connecting it back to its central servers. Obtaining financial information, exploring back doors open by worms, content scraping, email address harvesting, and more can all be done by bot malware.

How to Get Rid of it: A robust antivirus software will need to be deployed to get rid of bot malware.

The Best Offense is a Good Defense

In order to best protect your business from malware, prevention methods must be integrated into your system. Ostra has Malware protection built into our integrated technology so threats are blocked before they get in.

Ostra’s multi-layered solutions make keeping your data safe simple, as it prevents viruses from compromising your system in the first place. Instead of piecing together a cybersecurity solution from multiple providers, you can choose Ostra and cover your emails, endpoints, mobile devices and your entire network with one centralized solution.

Ostra works around the clock to protect and secure your data. After all, cybercriminals don’t take days off—your cybersecurity solution shouldn’t either.

Reach out to Ostra to get started on combating malware and other cyber threats today.

Ostra-largest-medical-cyberattack-998x681px
Ostra Cybersecurity

Largest Medical Cyberattack in US History?

/in , /by

Universal Health Systems is a major US hospital and healthcare provider that has more than 400 different locations throughout the country. The hospital system was hit with one of the largest medicals cyberattacks ever in the United States. Experts believe it could be the biggest ever.

The attack, that left the IT network offline across the 400 healthcare facilities, was reported as a security incident. The facilities had to resort to their back-up plan which includes offline documentation methods. Nurses had to work with pen and paper and could not access their medication system. Many reported that their computers either shut off on their own or slowly stopped working.

The way the entire system was compromised at once and many computers seemed to be taken over, makes this seem like a ransomware attack. Many experts are speculating that this is the case. We know that cybercriminals like to target healthcare systems because the probability of a ransom payment is higher. Hospitals would rather pay than have a patient become more injured, sick, or die due to a security incident.

Protect your business

To protect the organization, company IT security programs should be in the hands of professionally managed security teams or outsourced to managed security firms. Ostra Cyber Security is the professionally managed security team for your business. Managing everything from desktops and laptops, to tablets and BYODs, Ostra’s technology keeps everyone safe.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/30ov82h

Ostra Cybersecurity

Tesla Employee Prevents Massive Ransomware Attack

/in , /by

Ransomware attack on Tesla

A Tesla employee working in a Gigafactory in Nevada was offered a $1 million bribe to help a hacker install malware into the Tesla computer systems. The hacker who has since been arrested is a Russian citizen by the name of Egor Igorevich Kruichkov. This attack was well planned out by the Russian hacker, as the Tesla worker who he contacted was also Russian and spoke it too.

The Tesla worker met with Kruichkov in early august after being contacted but didn’t know the reason for the rendezvous. After meeting, Kruichkov asked the Tesla employee to help him install malware that once installed, would launch a massive DDoS attack. Which would effectively allow the hackers to occupy the Tesla system, giving them access to steal sensitive corporate data. The hackers would then hold the data until the electric car manufacturer pays big. Kruichkov mentioned that a reward of $1 million would be sent to the Tesla worker in cash or bitcoin.

Enter the FBI

Kruichkov and the hacking group could only hope that the worker would accept the offer. However, the results did not favor the Russians. As soon as the Tesla worker left the meeting he contacted the FBI who then, with the help of the Tesla worker, communicated with the Russian hackers and got as much information as possible. The FBI discovered that the Russians were the ones responsible for the recent $4.5 million ransomware attack on CWT travel.

On August 21st the hacker contacted the Tesla employee and said “the project was delayed” and said he was leaving the area. The FBI followed and arrested the Russian hacker the next day during a failed flee attempt.

This Tesla employee prevented a possible cyberattack on Tesla that could have cost them millions of dollars. Not just in ransom payments but also in the lost operating time that could cost way more than the ransom.

Protect your business from ransomware attacks

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3hH961h

Ostra Cybersecurity

Ransomware Gang Attacks Billion-Dollar U.S. Liquor Maker

/in , /by

The hacking group called REvil ransomware, who have hacked numerous million-dollar companies, have hacked and encrypted Brown-Forman. Brown-Forman is a top U.S. based liquor maker with brands like Jack Daniels, Finlandia Vodka, Early Times, and Old Forester.

The REvil gang reportedly had access to Brown-Forman’s systems for over a month. They were able to completely explore any system/device they had access too. Even the company’s cloud services were exposed. A Brown-Forman representative has claimed that they detected the attack early enough that no data could have been encrypted.

Even though the Liquor company stopped the attack before any encryption took place, the hackers claim to have stolen a terabyte of data. The REvil gang is using this data to hopefully extort Brown-Forman and get paid.

“Screenshots posted by REvil provide a glimpse into the full scope of the breach. Internal communications, financial documents, contracts and personnel data all appear to been accessed”.

A Brown-Forman representative has said some information included employee data. Employees at Brown-Forman now have a huge increase in risk for identity theft or attacks on personal accounts. This is a big reliability for the company. REvil hackers believe that the company will end up paying. The hackers could be right, especially if they start to leak files to force payment, as they have done before.

REvil Ransomware

REvil ransomware has been a threat to many smaller companies in the past. Recently, however, this ransomware group and others alike have been targeting governments and billion-dollar corporations. These ransomware attacks are growing worse by day as hackers develop increasingly more sophisticated ransomware strains. REvil has recently started to auction off stolen data on the dark web and is one of the first hacking groups to popularize it.

Protect your company from ransomware

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3aCaL5E

Ostra Cybersecurity

Travel Management Firm CWT Pays $4.5 Million to Hackers

/in , /by

The US business travel management firm CWT just paid a $4.5 million bitcoin payment to hackers who stole terabytes of information. CWT claims that the hackers stole sensitive corporate files and put 30,000 computers offline. CWT represents more than 1/3 of companies on the S&P 500, which makes them a very valuable target for hackers.

Ransomware. Why did it have to be Ransomware?

Just like Indiana Jones hates snake’s, business executives hate ransomware. When ransomware is used by experienced hackers it can be very effective and can give all the leverage to the criminals, leaving businesses stuck with limited options. A majority of the time the hackers end up getting paid, which is why ransomware is a CFOs worst nightmare. In the case of CWT, the strain of ransomware used was called “Ragnar Locker” which encrypted computer files and made them useless until the ransom was paid. The hacking group originally asked for a $10 million payment, but a CWT negotiator brought the ransom to $4.5 million instead.

CWT was quick to pay the hackers as they wanted their systems online and sensitive information returned. On July 28th a bitcoin payment for 414 bitcoin or $4.5 million US dollars was paid to the hacking group and the attack was over.

Cybersecurity experts say that paying ransoms encourages future attacks, but these situations leave business executives with a difficult decision.

Protect your business from ransomware

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://nyti.ms/2DAnObP

 

Ostra Cybersecurity

Garmin in Trouble for Paying Ransom

/in , /by

The GPS company Garmin became the victim of a ransomware attack late July. The suspected hackers, known as EvilCorp, encrypted a lot of company data and attached a ransom note to each file. The ransom note had directions to email one of two email addresses to get a price for the encrypted data. Garmin confirmed that the price was around $10 Million for the decryption key.

Garmin has paid the ransom to get their stolen information back. There is no official explanation yet how Garmin paid the hackers. But now Garmin could be in more trouble for paying the ransom. This time with the United States Government.

EvilCorp is on a US sanction list

Because the hacking group is on a US sanction list, that makes any transaction illegal and a punishable offense. Garmin reached out to a cyber response company, but the company refused due to legal implications.

Eventually, Garmin found a cyber response company that would help them with the transaction and securing their stolen data. The company, Arete IR, is confirmed to have assisted Garmin but no official statements have been released about the payment.

Even though Garmin was faced with no other choice but to pay the ransom, the company may be facing more punishment by the US government if the hackers are confirmed to be EvilCorp.

Protect your business

Ostra eliminates the human errors that can lead to a ransomware attack by preventing the phishing emails, suspect inquiries, and social engineering campaigns from reaching employees. Ostra will help secure your network and keep your businesses private data out of the hands of cybercriminals.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3k94LWd

Ostra Cybersecurity

Blackbaud Pays After Ransomware Attack

/in , /by

Blackbaud, one of the largest providers of fundraising technology to nonprofits, universities, and other charities was hacked. After a ransomware attack left important data encrypted, Blackbaud was forced to either pay the ransom or let the data be sold to other cybercriminals. Blackbaud paid in Bitcoin and received confirmation that the data was destroyed.

It is unknown how much was paid to the hackers, but the ransom was not paid until there was sufficient proof that the data was destroyed. Blackbaud officials say that credit card info, bank account info or social security numbers were not stolen. To ensure the privacy of its customers, the company hired outside-experts to monitor the internet and dark web. To make sure that no information was released or sold by the hackers.

Blackbaud is the target of millions of cyberattacks each month

The company follows the industry best practices and they conduct aggressive tests on the security of their systems and infrastructure. They are a part of many Cyber Security related organizations. Officials claim to have implemented additional security measures to prevent this from happening again.

This is the second time this year that a major provider for the nonprofit sector was hacked. Earlier this year MIP, a financial software company, was hacked and users were locked out for 3 weeks.

Protect your data

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3jYC0eL

Ostra Cybersecurity, Inc.
6101 Baker Rd, Suite 202
Minnetonka, MN 55345
contact@ostra.net
(866) 336-7872

Access our Partner Portal
Subscribe to Our Newsletter