Ransomeware – Should You Be Concerned?

There has been a lot of news lately regarding ransomware. What is ransomeware and should you be concerned? Ransomware as defined by CERT is a “type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid”. Theft of proprietary information, credit card data, or personal information is not a motivating factor, taking control of vulnerable systems and denying access to the information is. It’s essentially a kidnapping of your IT environment. Ransomware can spread through direct targeting of a system, phishing emails or by unknowingly visiting an infected website.

Ransomware attacks started out primarily with individuals and it origins date back to the late 1980’s. Perhaps you know someone who paid a “fee” of $25 or $50 to have their computer “cleaned” of malware detected by some random third party organization. While it seemed to be somewhat suspicious that an unknown organization would detect your computer problem, for many it was just easier to pay the “fee” and move on. 

Ransomeware exploits today are aggressive, intrusive and demanding with Bitcoin or other cryptocurrencies being the payment of choice. While crypto platforms are not technically anonymous, they do provide opportunity to act anonymously. Crypto platforms make currency exchanges between wallets. The person(s) associated with the wallet are not identifiable in the transaction. In some places crypto exchanges are required to collect personal information but this is not the case in many places.

Ransomware attacks target individuals, corporations, governments, schools and even police departments. The ballooning monetary demands of ransomware extortionists are claimed by some as being fueled by cyber-insurance companies who prefer to pay claims to help drive new business. For an insured, having a ransom paid by an insurer is the quickest way to end a crisis and get back in business.

Lake City, Florida  at the end of June this year paid 42bitcoin worth about $460,000. The loss was covered by cyber-insurance with Lake City paying a $10,000 deductible. According to ProPublica, Baltimore, Maryland did not have cyber insurance and chose not to pay a $76,000 ransom payment and has spent $5.3M to date recovering locked files. Atlanta similarly balked at a $53,000 payment and has spent $8.5M to date on recovery. Another unnamed company chose to pay a $10,000 ransom payment when they realized that recovering their data from backup tapes would take weeks. Most recently, 22 municipalities in Texas were attacked simultaneously with extortionists demanding millions of dollars in ransom payments. 

Blaming insurance companies for helping escalate extortionist’s demands by paying claims is ignoring the elephant in the room. As business owners, managers and technologists, what is important is to focus on is how these exploits occur so we can prevent infection and its potentially devastating impacts. While having insurance as a financial tool is great, preventing the event is paramount to keeping the business operating.

Cyber exploitation occurs due to mismanaged or improperly patched systems, lacking processes and procedures, compounded by insufficient employee training. Unpatched computer systems are vulnerable to exploitation either through direct attack or by individuals browsing infected sites or clicking on malicious links. Once compromised, an inability to detect the breach allows the attack to propagate over time resulting in an ultimate loss of control over the organization’s systems and information. Without a proven disaster recovery plan, an organization stands little chance of regaining control in a timely manner.  

Some questions to ask yourself and your organization supporting your IT systems are:

Do we have a properly designed infrastructure?

Do we have a process to apply security updates ongoing?

Do we regularly backup our critical data?

Do we have a disaster recovery plan that is updated and tested on a regular basis?

Do we regularly validate our security posture, including audits and testing?

Are all of our methods documented and reviewed on an ongoing basis?

If we were to suffer an attack do we have a planned response, as well as the financial resources to recover?

Network Management Solutions has been helping organizations since 1996 design, implement, monitor and manage critical IT assets. Please call us for a free, confidential discussion regarding your IT challenges and goals. We can be reached at 908-232-0100 or on the web at www.nmscorp.com.

Management of Hosted Networks and Applications

You have moved all your critical processing and applications to a hosted facility.  You have designed in all the fault tolerance and backup capabilities that would address any reasonable failure scenario.  Security is tight, the network is fast, latency is at an all time low and the cost of delivery is down. Mission accomplished, time to celebrate, right? Not exactly.

While you have been able to squeeze the design to get maximum performance and keep costs in line with projections you may have missed out on how to maintain that balance ongoing. The cost per square foot of data center space and or computer cycles and storage is at a premium. Your environment is a dynamic one and growth is inevitable.

In being a good steward, it is of critical importance that you can identify how resources are being consumed to keep pace with a growing demand. Unlike when you hosted your own equipment the cost to add a server or expand an application is more readily apparent as it will most likely appear on next months bill. Without performance management and monitoring  you may be lost for answers when management asks for justification.

Availability and performance management ensure that your finger is on the pulse of your infrastructure. Anomalies in usage may point to more than increased traffic to your sight or usage of core applications. There may be ongoing security issues you are unaware of, the latest generation of your new in-house application may be consuming inordinate resources and needs tuning, slow downs may indicate network segmentation is required.

Utilizing a third party Managed Services Provider can deliver significant benefit in managing your resources as well as reducing the cost in technical support staff.  Improved performance, expanded technical expertise, and cost benefits are obtainable with the right provider.  Network Management Solutions can assist in making your transition to hosted facilities an immediate and long-term success.  Please contact us to find out more about how we can help.

 

Cloud Computing – Where does it fit within your organization?

We frequently speak with clients about cloud computing. There is much confusion and varying opinions on what cloud computing is. From our vantage point cloud computing is a marketing term that encompasses a broad array of services.

According to Wikipedia “Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet).” So how does this affect your organization?

For many cloud computing can range from customer owned hardware and software hosted in a remote service provider data center, service provider virtual machines housing customer applications, turnkey applications hosted in a “private” company intranet, or Internet based turnkey applications that are shared globally among a variety of companies.  In the purest sense of terms Cloud Computing is “Infrastructure as a Service” replacing the need for dedicated hardware, software, and local data centers as the infrastructure moves to the cloud and is hosted by the service provider.

Identifying where cloud computing fits in your organization can provide significant benefit or risks depending the approach and the information your company houses. In addressing the cloud, organizations must consider the potential financial benefits, performance impacts. regulatory requirements, and security risks before moving any initiative forward.

A clear strategy will pay dividends and reward the right approach. Network Management Solutions can assist in the decision process. Please contact us for further information.