Ostra’s Year in Review – 2021

Happy New Year! Here are a few of Ostra Cybersecurity’s highlights from the past year, along with a glimpse of where we’re heading in 2022:

Blocking Threats in 2021

In response to a huge increase in cyber threats throughout the year, Ostra’s information security team was busier than ever in 2021.

Ostra Stats

  • Ostra saw a 250% increase in the number of active threats that we blocked for our clients this year
  • Of the 5 billion cybersecurity events that we managed in 2021, approximately 1 billion were considered active threats
  • 40 million of these blocked threats came from non-NATO countries such as Russia and China

General Ransomware Stats

  • Ransomware continues to be one of the largest cyber crime threats1
  • Average ransomware payout by a mid-sized company was $170,404 in 20212
  • Average ransomware payments in Q1-Q3 of 2021 was 165,50043

Celebrating Our Channel Partners

Ostra is known for breaking down traditional silos and filling gaps within the heavily segmented industry of cybersecurity. One of the many ways we accomplish this is through our rapidly growing Channel Partner network.

Cybersecurity is a team sport that requires teamwork and trust. Ostra’s Channel Partner network has grown more than 500% in the last year—bringing Fortune 100-caliber data protection to clients in diverse markets and applications.

These partnerships also enable Ostra to help our clients who are seeking referrals for MSP services, IT consulting, cyber insurance and/or security advisory services such as assessments, compliance and vCISO services.

  • Need a referral? If you have questions about what our Channel Partners offer, or if you are looking for service recommendations in these areas, please contact Ostra.

Staying Vigilant in 2022

Ostra continues to be proactive about cybersecurity in 2022. This includes evaluating, developing and implementing new tools and services that offer our clients the best layered protection against malware, ransomware and other threats to their data security.

We know the best way to protect against attacks is to minimize the attack surface. That means making sure all endpoints are secure—including desktop PCs, laptops, smartphones, IoT devices, tablets, servers, or other devices that are connected to your network.

  • Stepping it up: Many of our clients have implemented additional layers of security including Mobile Device Management (MDM) and Cloud Security (CASB) to further reduce their attack surface. To learn more about these options, contact us.

Listening and Leading

Ostra believes in listening to our clients and peers in the industry, which is why we conducted Voice of Customer (VoC) surveys with current clients and prospects in early 2021:

  • We were able to test and validate the most significant needs of both professional services companies who want to purchase, implement and maintain their own cybersecurity as well as how IT/technology companies select and implement cybersecurity tools for their clientele.
  • Ostra further validated that our mission to combine best-of-class cybersecurity technology into a packaged solution that is easy to install and simple to manage is what both professional services companies and IT/technology providers want.
  • Finally, Ostra learned that the market trusts us (and our partners) to continue developing a best-in-class cybersecurity solution. Our growing Channel Partner network ensures that Ostra’s solution—simple and complete cybersecurity coverage—will be available to every business, including small and mid-sized companies.

Ostra’s mission remains focused on educating our community. This is why we developed and shared more than 25 blogs with cybersecurity news, trends and best practices. We will continue to deliver more educational content in 2022, so stay tuned for more on our blog and on LinkedIn.

Speaking of which… Ostra is always on the lookout for helpful thought-leadership content from our partners and clients. If you have a cybersecurity resource or educational topic you’d like us to consider sharing with our readers, please send an email to marketing@ostra.net.

Ostra Cybersecurity provides comprehensive, Fortune 100-caliber cybersecurity to businesses of all sizes. Contact us to learn more or to schedule a FREE cybersecurity assessment.

1 Microsoft blog: Russian cyberattacks pose greater risk to governments and other insights from our annual report
2 Sophos whitepaper: state of ransomware (2021)
3 Stats found on www.coveware.com for Q1 2021 ($220,298), Q2 2021 ($136,576) and Q3 2021 ($139,739) indicate the average payment in Q1-Q3 was $165,530.

Ransomware is Getting Worse

Ransomware attacks are increasing, and not just for consumers.

Businesses have become a more valuable target for cybercriminals who are looking for a bigger payout. Cybersecurity experts say that ransomware attacks will only become a larger threat in the future.

As cybercriminal groups become more skilled in exploiting and bypassing network security defenses, they can start to target more sophisticated programs. By targeting more important businesses and their assets, like file servers, entire databases, and cloud services. These groups can demand a much higher ransom, with a much higher probability of being paid the ransom as well.

Recently a cybersecurity company has identified a cluster of attacks against multiple U.S. companies, including 8 Fortune 500 companies. These attacks were well planned out with the intent to deploy ransomware on the company networks. By using ransomware, the goal was to encrypt computer networks and servers, then demand a multi million-dollar ransom. The attackers were identified by the security company and disrupted before the companies had to pay millions, and lose valuable operating time.

Attacks like these are well coordinated and usually begin taking place weeks before anyone notices. 

“Cyber criminals often spend weeks poking around in a network before they make their attack, which means they have time to understand key digital assets, like the CEO’s emails for example, allowing them to put even more pressure on their victims”.

Protect yourself from Ransomware

It is more important today then ever before to keep your business protected from the high possibility of a ransomware attack. Especially as ransomware becomes more sophisticated. You could be caught having your data encrypted before even realizing it’s happening. 

Ostra Cybersecurity offers a Fortune 100 caliber solution, that is simple to deploy and use whether your business is 20 people or 2000. Ostra provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting like many antiviruses do. 

Want to find out more? Contact us today!

 

Major US Managed Service Provider Attacked

Ostra Offers Access to Best-In-Class Security Products

One of the largest data center providers in the US, CyrusOne, was infected with ransomware yesterday which encrypted customer devices and network data. The same ransomware family was used in a rash of attacks earlier this summer, which included several managed service providers, local governments in Texas, and over 400 US dentist offices.

The attack caused a cloud service outage for at least one major CyrusOne customer, the financial and brokerage firm FIA Tech. At least five other large customers of their New York data center have also experienced availability issues due to encryption of their data and devices. A CyrusOne spokesperson said they are currently performing forensics to investigate the attack and help customers restore impacted systems. CyrusOne owns 45 data centers globally and has more than 1,000 customers. 

The data center provider does not intend to pay the ransom demand, “barring any future unforeseen developments.”

The ransom note indicated this was a targeted attack against CyrusOne’s network. Targeted attacks rely on single-use strains of malware specifically designed to avoid detection by signature-based antivirus solutions. Successful defense against this type of attack requires integrated prevention, detection and response tools that recognize and halt advanced threats. 

Managed Service Providers have increasingly become targets of cyberattacks. Even a relatively small MSP may offer attackers as many endpoints as a major corporation, and an MSP may not have the robust security capabilities that a large corporation has to prevent sophisticated cyberattacks. Earlier this year CyrusOne explicitly listed ransomware in an SEC Filing as a risk factor for its business.

To face the rising tide of targeted attacks, Managed Service Providers need to improve their security posture. Ostra’s Enterprise Grade Security solution gives MSPs access to best-in-class security services, such as FireEye and PaloAlto, which large corporations use to combat targeted attacks. Contact Ostra to learn how to protect your clients and MSP business.