Unless you’ve been living under a rock, you’ve probably heard about the latest flavor of cybercrime that is circulating the internet – Ransomware. As an experienced technician who has encountered this threat several times throughout its development, I’d like to spend some time today discussing what it is and what we can do about it.
Imagine that you are working on a deadline and you need to retrieve valuable client data stored on one of your server shares. You go to open the file and receive an error message that the file is unreadable. In the same folder you see a new file called DYCRYPTMYFILES.TXT. You open this file to reveal a note from a smug hacker. “Send 500USD in bitcoins to a specified address or lose access to your files permanently,” it says. Browsing through your folders you quickly discover that you cannot open any of the files! Worse – you call your IT professional and they tell you that there is no way they are getting those files back. They are gone for good.
How do you think a scenario like this would affect the operation of your business? How quickly do you think you could recover and get back to normal working order? How much do you think it would cost? Unfortunately, many businesses ultimately pay the hackers what they want in order to retrieve business-critical data that they cannot recover by any other means. For this reason, the ransomware industry is growing rapidly and the malware programs themselves are becoming increasingly sophisticated.
Right Hand strongly discourages anyone from giving in and paying the ransom. While we recognize that there can be situations where this is the only remaining way to regain access to business-critical data, there is no guarantee that the hackers will actually decrypt your files. In addition, paying the ransom will flag you as a successful target, and you are very likely to be targeted again.
So what exactly is going on here? At its core, ransomware is just like any other virus or malware except that it wants to target your data and “hold it for ransom”. It does this by using encryption on any of your files that it can find – Word documents, spreadsheets, PDFs, pictures, music, databases, etc. Encryption scrambles the data within those files, rendering them unreadable and virtually useless. The hacker possesses the decryption key (what is needed to unscramble the data back to normal) and offers to return the files to the user in exchange for a sum of money, typically payable in bitcoins. The hacker may also threaten to delete the key if the user does not act within a declared period of time.
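The scenario above leaves two traces a file-server admin can check for: documents whose contents have turned into random-looking bytes, and the same new text file appearing in folder after folder. The following Python sketch is an added example, not part of the original article or a Right Hand tool; the file-type table, the thresholds and the sample folder names are assumptions, and the sample tree is constructed for the demonstration.

```python
import math
import os
import tempfile
from collections import Counter

# Leading bytes intact files of these types start with (small assumed subset).
MAGIC = {".pdf": b"%PDF", ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04",
         ".png": b"\x89PNG", ".jpg": b"\xff\xd8\xff"}

def entropy(data):
    """Shannon entropy in bits per byte; encrypted data approaches 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(root, min_dirs=3, threshold=7.0):
    """Return (files that look encrypted, text-file names repeated across folders)."""
    suspect, notes = [], Counter()
    for dirpath, _, files in os.walk(root):
        for name in files:
            ext = os.path.splitext(name)[1].lower()
            path = os.path.join(dirpath, name)
            if ext == ".txt":
                notes[name.upper()] += 1      # same note dropped in many folders
                continue
            with open(path, "rb") as fh:
                head = fh.read(4096)
            # Known type whose header is gone and whose bytes look random.
            if ext in MAGIC and not head.startswith(MAGIC[ext]) \
                    and entropy(head) > threshold:
                suspect.append(os.path.relpath(path, root))
    return sorted(suspect), sorted(n for n, c in notes.items() if c >= min_dirs)

def build_sample(root):
    """Constructed test tree: three 'encrypted' folders and one healthy file."""
    for d in ("clients", "payroll", "scans"):
        os.makedirs(os.path.join(root, d))
        with open(os.path.join(root, d, "report.pdf"), "wb") as fh:
            fh.write(os.urandom(4096))        # random bytes stand in for ciphertext
        with open(os.path.join(root, d, "DYCRYPTMYFILES.TXT"), "w") as fh:
            fh.write("constructed ransom note placeholder\n")
    with open(os.path.join(root, "handbook.pdf"), "wb") as fh:
        fh.write(b"%PDF-1.4\n" + b"plain text body " * 200)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(triage(tmp))
```

High entropy alone also matches ordinary compressed files, which is why the check additionally requires the file's normal header to be missing.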
Every business today should have knowledge of this threat and know how to protect themselves from it. I have narrowed down three major areas of focus that a business can use to accomplish this.
I will touch a little on all three.
The weakest link in your network’s security chain is – and always will be – the user. You can spend thousands on the best security firewalls and intrusion detection equipment and it will do you no good if Barry from Accounting mistakenly initiates a virus program.
Ransomware usually begins with a fraudulent email. These emails purport to be from a trusted source, such as your bank, one of your contacts, or known entities such as UPS, FedEx, or ADP. They always contain a clickable link or attachment that the user is urged to click to view more information. This is the bait: once the user clicks, the ransomware code immediately and silently begins to execute.
Employees should be trained to use caution when opening any email attachment or clickable link. In today’s world it has even become a common practice to “spoof” email addresses, making them appear to come from a trusted sender. For this reason, a simple phone call could be all that is needed to verify whether an email is legitimate. Training should be repeated regularly to make sure employees know about current threats, what to look for, and how to deal with them. When users have this knowledge beforehand, they are much more likely to recognize a fraudulent email or webpage. Additionally, in the event that a computer becomes compromised, you want that employee to recognize what occurred, act quickly, and notify a network admin so that damage can be mitigated quickly.
The key here is remembering that it is not good enough just to have a policy. Barry needs to be made aware of the policy, and refreshed on it, if you want him to become effective at detecting fraudulent communications. To assist businesses with achieving this end, Right Hand offers an in-depth training program that can simulate actual attacks, giving your employees the edge they need.
Contact us for more information by clicking here.
You always want to be sure you are following good security practices with your network regardless of the threats involved. Here I am referring to technical controls and equipment that you can use to limit any unauthorized access. For example, having a firewall is great for your network’s security, but can be meaningless if not properly configured.
Most strains of ransomware require the user to unknowingly download and execute malware code. One way to counter this is by limiting administrative access to users’ computers when they don’t require it. Processes that install software and change the registry require administrative access in order to work. In this scenario, if Barry clicks on the bad email link, the ransomware may download but cannot execute because Barry does not have administrative rights to the computer. This is known as the Principle of Least Privilege, and it is a good all-around security measure that will defend against more than just ransomware.
Another useful tip to prevent ransomware is to utilize a spam filter. Most email hosting providers have this feature built right in, but some do not. Check to see if your organization uses spam filtering, and find out how to implement it right away if you do not. As stated previously, ransomware likes to worm its way in via fraudulent emails. Having a spam filter in place doesn’t provide a foolproof safeguard, but it can drastically reduce the quantity of these emails that make it through to users’ inboxes.
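To make the spoofing and spam-filtering points concrete, here is the kind of header check a mail filter or a help-desk technician can run on a suspicious message. It is an added Python example, not code from the original article or from any particular spam-filter product; the gateway name `mx.corp.example`, the brand-to-domain table and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this sketch: the name of your own inbound mail gateway and
# the domains each impersonated brand really sends from.
TRUSTED_AUTHSERV = "mx.corp.example"
KNOWN_BRANDS = {"ups": "ups.com", "fedex": "fedex.com", "adp": "adp.com"}

# Constructed sample message, not real traffic.
SAMPLE = """\
From: "UPS Delivery" <tracking@ups-parcel-notice.example>
Reply-To: claims@mailbox.example
Subject: Your package could not be delivered
Authentication-Results: mx.corp.example; spf=fail; dkim=none; dmarc=fail

Open the attached invoice to reschedule delivery.
"""

def domain_of(addr):
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoof_indicators(raw):
    """Return a list of reasons the message looks spoofed (empty if none)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    from_dom, findings = domain_of(addr), []
    # 1. Display name uses a brand the sending domain does not belong to.
    for brand, dom in KNOWN_BRANDS.items():
        claims = re.search(rf"\b{brand}\b", name.lower())
        if claims and from_dom != dom and not from_dom.endswith("." + dom):
            findings.append(f"display name says {brand}, domain is {from_dom}")
    # 2. Replies would be routed to a different domain than the sender's.
    reply_dom = domain_of(parseaddr(msg.get("Reply-To", ""))[1])
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} differs from sender")
    # 3. SPF/DKIM/DMARC verdicts, read only from the header our own gateway
    #    added; a sender can forge Authentication-Results with any other name.
    verdicts = {}
    for hdr in msg.get_all("Authentication-Results", []):
        authserv, _, rest = hdr.partition(";")
        if authserv.strip().lower() == TRUSTED_AUTHSERV:
            verdicts.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest.lower()))
    for check in ("spf", "dkim", "dmarc"):
        if verdicts.get(check) != "pass":
            findings.append(f"{check}={verdicts.get(check, 'missing')}")
    return findings

print(spoof_indicators(SAMPLE))
```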
There are many other good practices that businesses can follow to protect themselves and their data. Right Hand offers security audits to help you see clearly the current state of your network. Often, our technicians can discover ways to increase your network’s security with the assets and controls that are already in place!
Click here and let us know you’re interested.
The power of keeping regular backups cannot be overstated. A good backup solution takes backups regularly, keeps redundant copies, and stores them both locally and offsite. Gone are the days of fighting with tape backups and praying that they work when called upon. In 2016, a small business can purchase an effective solution for about the cost of a cell phone plan – which is nothing compared to the financial cost of losing valuable client data to ransomware, or any type of disaster for that matter. A business that keeps good backups of its systems cannot be harmed by the effects of ransomware – aside from the downtime involved with removing the infection and restoring good copies of data. Good employee training and controls are always most effective when combined with a reliable backup system.
In this scenario, Barry’s infected computer is cleaned of malware and good copies of the encrypted data are restored from backups. The business may suffer temporary downtime and inconvenience, but ultimately it will make a full recovery.
A strong backup solution is your ultimate protection against data loss for any situation. If you do not have a suitable backup solution, talk to us about how we can help you get to where you need to be. To view quick and easy solutions for single computer backups, check out http://backup.rhtg.net.
Worst case scenario? If you have already been infected with ransomware, we’re ready to help. Fill out the form below for a free recovery tip sheet.
Right Hand is a managed service provider offering custom IT solutions for any size business, large or small. Our team has the experience and knowledge to protect your network from ransomware and other threats. Don’t wait for disaster to strike – call us today at 844.254.RHTG (7484).