Tag Archive for: REvil

The Hidden Dangers of Insider Threats

Possibly one of the most underrated catalysts for a cyberattack is the insider threat. Take a look at some recent statistics:

  • An article by Identity Management Institute stated that 65-70% of all security incidents arise from insider threats to system and data security.
  • According to IBM Security Intelligence, 40% of insider incidents involve an employee with privileged access to company assets.

Many companies do not account for the damage that an insider threat could do. An insider threat can be anyone with access to an organization’s network, like employees, contractors, business associates, or friends. Insider threats are the biggest contributors to cyberattacks, especially in the last couple of years.

22% of all folders were available to every employee. (Varonis)

What is an insider threat?

An insider threat is anyone who has special access to the organization and can possibly use that access to attack or help hackers target the company. There are a few different types of insider threats to be aware of: malicious insiders, inside agents, emotional employees, reckless employees, and third-party users. Each one of these types of insider threats all could have access to an organization in some way and can use it to their advantage.

Insider threat attacks have only been growing in the past years and experts predict that number to skyrocket as more businesses switch to remote work. The increasing mix of remote, hybrid, and on-site employees means that companies must be extra vigilant about managing network access and permissions. Even the most loyal employees who retire or leave on good terms should no longer have access to company files or systems after their last day. In addition, it is important to ensure that dissatisfied or disgruntled employees—whether they are still there, or were recently laid off—cannot use their access in retaliation against the company.

“The overall cost of insider threats is rapidly rising. There is a 31% increase from $8.76 million in 2018 to $11.45 million in 2020”. (Cost of Insider Threats Global Report)

Online Hygiene

Although cybersecurity has become a loaded concept, it’s important to make cybersecurity a priority. Good online hygiene should be part of any organization’s onboarding or off-boarding process, but if it not, then take it upon yourself to exercise best practices to keep your company safe.

Some basic precautions include performing regular software updates and enabling MFAs. You can also contact Ostra to explore how a cybersecurity assessment can reveal what vulnerabilities you may have, and how you can stay ahead of threats.

Avoiding Apathy

How can companies best protect their data from insider threats? While it is tempting to succumb to either apathy or paranoia, neither of these extremes is the right approach. Rather, awareness that leads to action is the goal. You can read more about this approach in Ostra’s blog about data privacy.

How to protect against insider threats?

  1. Update and maintain the user access/privileges list and be aware of which employees have access and to what—especially as you are onboarding new employees or removing access from departing employees.
  2. Ensure sensitive/confidential information is not accessible by anyone who does not need it.
  3. Educate employees on insider threats and how they can help defend against a possible attack.
  4. Implement a cybersecurity program that can defend immediately against any lurking vulnerabilities.

Ostra Cybersecurity provides active defense protection for your businesses’ data and act immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Contact us today to see how Ostra can help you and your clients minimize risk from insider threats.


Small Business Cybersecurity Tips

Many small businesses are currently struggling because of the pandemic. The last thing any small business needs now is a cyberattack, which could easily put a company out of business. So now more than ever there is a need for strong cybersecurity practices, especially in smaller businesses with less cybersecurity devoted resources.

60 percent of companies that are victims of a cyber-attack go out of business within six months. -NCSA

The average loss of a cyberattack in 2019 was around $200,000, which is a lot of money for a small business to pay. This helps to understand why so many companies struggle to succeed after a cyberattack.

These are some helpful tips to help improve cybersecurity in small business

Train your staff

Employee training is the first and one of the most important steps in maintaining quality cybersecurity. Your employees are the main entry point that hackers try to exploit. Hackers try to gain access through employees by tricking them with phishing and social engineering attacks. They also target employees who are working from home on unsecured personal internet networks. Business owners should train their employees to back up data regularly, avoid any suspicious links, and to report any possible phishing scams. Trained employees will reduce the risk of an attack and should be wary of any future attack.

A 2019 Accenture study found that 43 percent of cyber-attacks are aimed at small businesses but only 14 percent are prepared to defend themselves. This is alarming news especially since small businesses are a top-tier target for most cybercriminals. Shows just how many small businesses lack preparedness and how many need to quickly improve their security.

Find a cybersecurity solution

Perhaps one of the best ways to defend your business against cyber threats is to find and install a solid cybersecurity solution. Small businesses usually are short on cybersecurity resources, to begin with, and usually do not have dedicated IT/Cybersecurity experts. Which is why small businesses need a low-cost solution that is extremely effective.

Your business technology should be protected with anti-virus and anti-malware software, this will find and identify any threats to your business. These have security features that will make it harder for any information to be stolen. Every business should have a virtual private network (VPN) that hides your IP address, making it almost impossible for hackers to track you. VPNs are very useful and a necessity if you have employees working from home on unsecured networks. Email protection and maintaining a firewall are also highly recommended in the cybersecurity community.

Ostra offers an affordable and quality cybersecurity solution for your business, that incorporates the very best security tools to protect small/medium-sized businesses. We operate behind the scenes to protect businesses and their most valuable asset, their data.

We leverage known platforms such as FireEye and Palo Alto, to create a sphere of protection for your business and employees, no matter where they are located or what machine they are on.

Want to find out more? Contact us today!

Cybersecurity Awareness Month

October is Cybersecurity Awareness Month, Ostra is proud to take part in helping to create a safer and more trusted cyberspace for everyone.

History of Cybersecurity Awareness Month

Cybersecurity Awareness Month was founded by both government and industry to make sure every American consumer and business has the resources needed to stay safe and secure online. Originally, 17 years ago, cybersecurity month messages were about updating antivirus software and the threat of a “virus”. But as technology advanced, so did the efforts needed to educate people on growing cybersecurity threats.

Today, organizations of every kind, non-profit/for-profit, corporations, universities, small businesses, and other groups all participate in Cybersecurity Awareness Month. These groups all have one goal in mind, to educate their employees/customers/members on the importance of creating a safer, more secure internet for everyone. Awareness efforts today highlight the basics of keeping your technology and information safe. Companies and organizations share tips and tricks throughout October.

Cybersecurity Awareness Month Resources

To get involved and learn more about Cybersecurity Awareness Month, check out these cybersecurity focused partners.

The National Cyber Security Alliance (NCSA) builds strong public/private partnerships to create and implement broad-reaching education and awareness efforts to empower users at home, work, and school with the information they need to keep themselves, their organizations, their systems, and their sensitive information safe and secure online and encourage a culture of cybersecurity. https://staysafeonline.org/cybersecurity-awareness-month/

Information Systems Security Association (ISSA) is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk, and protecting critical information and infrastructure. https://www.issa.org/

The Cyber Security Hub is an online news source for global cybersecurity professionals and business leaders who leverage technology and services to secure the entire perimeter in their enterprise. https://www.cshub.com/

Ostra’s Cybersecurity 101

For those who are new to the world of cybersecurity or just need a refresher, check out our Cybersecurity Terms 101 post. We cover the basic terms that everyone should know to better protect their own devices and to help keep cyberspace safe.

Want to find out more about Ostra and how we can help your business? Visit Ostra.net or contact us today at protection@ostra.net

Cybersecurity Terms 101

October is Cybersecurity Awareness Month and a time to spread the importance of understanding cybersecurity and cybercrime. As cybersecurity evolves, so do the threats that come with it. To stay safe in today’s cyber world it’s important to understand all the different types of threats that could harm you and your business. Everyone is vulnerable to a cyberattack, not just businesses and computers, your personal devices like your phone, watch, and tablet can all be hacked. This is a shortlist of the many different cybersecurity terms that are important to know to increase your cybersecurity awareness.


Cybersecurity is the practice of protecting computer systems and networks from the theft of hardware, software, and data. Cybersecurity works in many ways to defend against all types through hardware, software, and even internal threats. Cybersecurity works as an immediate defense against all types of ways that cybercriminals try to attack.


A hacker is someone who gains access to devices or networks by breaching defenses and exploiting weaknesses. Hackers are usually motivated by personal gain or just because they know how to, for fun.


Malware, short for malicious software, is any type of software that is designed to cause damage and gain access to a computer, network, or database. Examples of malware are computer viruses, ransomware, spyware, adware, and more.


Ransomware is a new and very popular form of malware that locks the users out of their devices and prohibits access to files. After locking the user out, the hackers behind the ransomware then demand an anonymous online payment (ransom) to get their data and device access back.


Spyware is a form of malware that hides on a device or network and steals information discreetly without the user’s knowledge. Spyware is used to steal things like bank details and personal information.


Adware is a form of malware that also hides on your device and annoyingly makes advertisements pop up, usually on web browsers. The adware is meant to gain revenue for the adware developer by monitoring online behavior and spamming the user with targeted ads.


Phishing is the practice of sending malicious emails that appear to be from a reputable company to trick victims into the opening and sharing their sensitive personal information. Usernames/passwords, bank account, and credit card details are the main targets for phishing scams. The elderly are one of the most targeted groups for phishing scams. Educate your parents/grandparents on how to avoid phishing scams!

Data Breach

A data breach is an incident that exposes sensitive and protected information, intentionally or unintentionally. A data breach is usually the result of a successful cyberattack, where the hacker then steals information to sell back for a ransom, sell on the dark web, or any other personal gain. Data breaches can force business operations to completely stop, which can cost a lot of money and lost profits.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net


Cybersecurity Challenges and Concerns of Remote Working

A new report by Malwarebytes wanted to investigate the new normal of working from home (WFH). They measured the immediate reaction to the pandemic and also businesses’ future cybersecurity strategy. The cybersecurity company surveyed more than 200 executives and managers in IT and cybersecurity roles at US companies.

Organizations’ challenges to remote working

Switching to working from home created a new set of challenges for companies. The biggest challenge for most was maintaining efficient cybersecurity, especially those who had already been facing cybersecurity threats before the pandemic.

55% of the respondents said their biggest challenge was training employees how to work from home securely and compliantly.

Image: Malwarebytes

Biggest cybersecurity concerns

There are a lot of concerns for IT and cybersecurity managers/executives with the switch to remote work. Many of the concerns involve the inevitable increase of ransomware and malware attacks overall. Many employees do not have proper cybersecurity training and don’t know how to avoid common cyberthreats, like phishing scams. Employees also lack cybersecurity protections for their home devices and ISP.

45% of respondents say their biggest concern is other individuals who have access to an employees device and may inadvertently compromise it.

Image: Malwarebytes

Protect your business, keep your employees secured

Human mistakes are inevitable and its what cybercriminals depend on to exploit and hack a business. These mistakes are much more likely to happen when employees are working from home. It is important for your business to manage and secure the scattered endpoints, which are your employees. Working from home could be the new normal for a long time, consider using an affordable and effective cyber-security program.

Ostra specializes in protecting business data for remote workers with elite security using Fortune 100 caliber tools. Managing everything from desktops and laptops, to tablets and BYODs Ostra’s technology keeps everyone safe.

Want to find out more? Contact us today!

Ransomware Gang Attacks Billion-Dollar U.S. Liquor Maker

The hacking group called REvil ransomware, who have hacked numerous million-dollar companies, have hacked and encrypted Brown-Forman. Brown-Forman is a top U.S. based liquor maker with brands like Jack Daniels, Finlandia Vodka, Early Times, and Old Forester.

The REvil gang reportedly had access to Brown-Forman’s systems for over a month. They were able to completely explore any system/device they had access too. Even the company’s cloud services were exposed. A Brown-Forman representative has claimed that they detected the attack early enough that no data could have been encrypted.

Even though the Liquor company stopped the attack before any encryption took place, the hackers claim to have stolen a terabyte of data. The REvil gang is using this data to hopefully extort Brown-Forman and get paid.

“Screenshots posted by REvil provide a glimpse into the full scope of the breach. Internal communications, financial documents, contracts and personnel data all appear to been accessed”.

A Brown-Forman representative has said some information included employee data. Employees at Brown-Forman now have a huge increase in risk for identity theft or attacks on personal accounts. This is a big reliability for the company. REvil hackers believe that the company will end up paying. The hackers could be right, especially if they start to leak files to force payment, as they have done before.

REvil Ransomware

REvil ransomware has been a threat to many smaller companies in the past. Recently, however, this ransomware group and others alike have been targeting governments and billion-dollar corporations. These ransomware attacks are growing worse by day as hackers develop increasingly more sophisticated ransomware strains. REvil has recently started to auction off stolen data on the dark web and is one of the first hacking groups to popularize it.

Protect your company from ransomware

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net