Microsoft’s recent report regarding ransomware has highlighted a rise in Human Operated Ransomware. Since 2017, these attacks have increased by 860%. Ransomware is malware that encrypts and later deletes files from computers, the cloud or a server. The human-operated ransomware attack is having successful entry 3 ways.
- Brute Force attacks – accessing Remote Desktop Protocol to access user’s office computers to access the network’s server infrastructure
- Spear Phishing attacks – using email campaigns to obtain information like passwords and credit card information
- Drive-by Downloading – users surfing the web and landing on a website that downloads malware or a virus. Pinterest, Facebook, and social media platforms are common for easy access to these types of sites.
99.9% of the time, victims don’t have 2-factor authentication. 2-factor authentication is offered on Office 365 and Google. Technology companies can offer 2-factor authentication for multiple platforms in Microsoft, Amazon, Salesforce, and DocuSign, for example.
Microsoft recommends implementing intrusion detection management. Intrusion detection management provides real-time analysis of malicious activity and policy violations.
Neither 2-factor authentication or intrusion detection management replaces the need for business continuity for servers, workstations or hosted cloud services. Business continuity is the ability to access your business application during a disaster or unplanned downtime.
Best practices recommend keeping data on a different network in different regions on a separate power grid that is accessed with different credentials.
“DME was able to limit our downtime to less than 45 minutes while they resolved our ransomware attack.” Christy Q. – Employee Benefits Consulting Firm
92% of business with business continuity, didn’t experience significant downtime. Of those with significant downtime, 4 out of 5 fully recovered within 24 hours. Without business continuity, less than 20% were able to do the same.
Contact the experts at DME today to assist with eliminating your technology risks.