Prevent, Protect and Mitigate Cyber Attacks
An anatomy of a real attack
- User targeted by spam email.
- User engaged with hacker and their local laptop was compromised.
- The hacker then used the VPN connection on the laptop to access the corporate network.
- With access to the network the hacker started a network discovery sweep.
- One spreadsheet with admin credentials was found.
- Ransomware was deployed and in less than 20min the entire network was encrypted.
- The company did not have an effective backup plan an it too 2 weeks for them to get back to 80% of production.
- As of 2 months after the attack they are only at 90%
Signs of unauthorized access attempts on your computer systems.
The hackers target individuals who may hold confidential company information. Then, they contact them via text messages or emails containing executable malware or links, by posing as someone of a familiar identity. If these links are clicked on, the hackers could gain substantial access to the victim’s network and data.
What will an attack look like?
Identifying the malware, phishing, spyware, trojans and viruses.
Presuming the cybercriminals are successful, the target company may experience:
- Malware infections: Bitcoin mining, Keystroke loggers or Identity theft.
- Data theft/high jacking.
How to prevent the attack?
Preventing a cyber attack and saving your data and network. People need to be educated about this threat, and strong awareness needs to be spread throughout the organization. Companies need a Defense in Depth approach to a security architecture that is multilayered and spans all networks, endpoints, mobile devices, and the cloud. These are the measures recommended to ensure maximum safety:
Basic IT Security Measures
- Phishing and password training
- Proofpoint email protection
- Datto RMM anti-Ransomware
- End point Security Software
- Web Application Firewall
- Botnet protection
- Latest updates from vendors
- Identify all attack vector
High End Security Measures
- Additional Security Measures: Bi-Annual Penetration testing, Internal Vulnerability Scans, Annual Information Security Audit and Compliance audit readness
- Intrusion Prevention System
- Cyber Insurance
- StorTrust: Cloud Backup and Disaster Recovery: Allows data to be stored offsite and be restored should an accidental deletion, a failed software upgrade, database corruption or ransomware occur.
- Stortrust Immutable Backup: Immutable backups are air-gapped and cannot be affected by ransomware originating from a client site.
We protect your data and your business. With our service, file and systems can be recovered instantly from a local appliance. If disaster strikes, we can spin your critical systems up in our cloud so your business can keep running. We include an annual DR test, sou you can relax, knowing we will be there when you need us.