Ransomware Attacks

An ransomware attack on a various businesses was recently detected. It was allegedly carried out by LockBit, a ransomware group. We have requested that all customers update their threat intelligence to include key indicators for compromised systems and create custom rules to detect LockBit ransomware.

The Download

What is the threat?

LockBit ransomware, a malicious program that blocks user access to computers in return for ransom payments, is called LockBit ransomware. LockBit automatically scans for valuable targets and spreads the infection to all computers on a network. This ransomware can be used to attack enterprises and just about any other organization.

 

Why is it noteworthy?

A cyber intelligence company, reported that LockBit 2.0 demanded a ransom of $50 million for six terabytes worth of data they were able to retrieve, a cyber crime intelligence firm stated, reported that 2500 computers belonging to employees and their partners had been compromised and locked without access to their data.

 

What is the exposure or risk

This global consulting firm is currently under attack by ransomware. The ransomware group claims that they have an inside agent who is working in the company. It is possible that it is a scare tactic. However, standard security procedures like “least privilege” are even more important to follow in order to reduce attack vectors.

 

What are the recommendations to protect your business from Ransomware?

Businesses should reevaluate and simplify user account permissions, as well as delete old and inactive accounts. It is important to have backups of the entire system and local images ready in case of an attack.The perpetrators will mostly ask for monetary payment in digital currency such as bitcoin for any ridiculous amount. Even then if you paid them, they may ask for it again and re-encrypt your data. So paying them there is no sure-proof way. The hold the key and not you. Here are a few things to help keep you safe.

 

    •  Audit or research internally how you and your users execute code. Meaning what do they click on all day. For example and foremost important, email attachments. But look at everything else and learn how to block it. Filtering.

 

    • Difficult as it is locking down USB ports and many times a business interrupter, then choose a good NGAV (Next Generation Anti-Virus)and NGF (Next Generation Firewall) products. They go above and beyond basics.

 

    • Keep a daily or even block level real-time backup of your data so that if something was missed you can still restore your data prior to it being compromised and encrypted for ransomware.

Talk to one of our cybersecurity professionals to help your business from being compromised and having to potentially pay ransom for your data. Our Managed IT Services customers take advantage of our BundleIT™ packages that include comprehensive services for your business and can be sure all cybersecurity issues are being addressed including making ransomware attacks.

JNS is a Barracuda Network Partner and also partners with other top cybersecurity manufacturers to help deliver solutions for your business to help your business stay safe. Call us or schedule a free consultation today to learn more.

Ransomware Attacks

An ransomware attack on a various businesses was recently detected. It was allegedly carried out by LockBit, a ransomware group. We have requested that all customers update their threat intelligence to include key indicators for compromised systems and created custom rules to detect LockBit ransomware.

The Download

What is the threat?

LockBit ransomware, a malicious program that blocks user access to computers in return for ransom payments, is called LockBit ransomware. LockBit automatically scans for valuable targets and spreads the infection to all computers on a network. This ransomware can be used to attack enterprises and other organizations.

 

Why is it noteworthy?

Cyble, a cyber intelligence company, reported that LockBit 2.0 demanded a ransom of $50 million for six terabytes worth of data they were able retrieve, a cybercrime intelligence firm stated, reported that 2500 computers belonging to employees and their partners had been compromised.

 

What is the exposure or risk

This global consulting firm is currently under attack by ransomware. The ransomware group claims that they have an inside agent who is working in the company. It is possible that it is a scare tactic. However, standard security procedures like “least privilege” are even more important to follow in order to reduce attack vectors.

 

What are the recommendations to protect your business from Ransomware?

Businesses should reevaluate and simplify user account permissions, as well as delete old and inactive accounts. It is important to have backups of the entire system and local images ready in case of an attack.The perpetrators will mostly ask for monetary payment in digital currency such as bitcoin for any ridiculous amount. Even then if you paid them, they may ask for it again and re-encrypt your data. So paying them there is no sure-proof way. The hold the key and not you. Here are a few things to help keep you safe.

 

    •  Audit or research internally how you and your users execute code. Meaning what do they click on all day. For example and foremost important, email attachments. But look at everything else and learn how to block it. Filtering.

 

    • Difficult as it is locking down USB ports and many times a business interrupter, then choose a good NGAV (Next Generation Anti-Virus)and NGF (Next Generation Firewall) products. They go above and beyond basics.

 

    • Keep a daily or even block level real-time backup of your data so that if something was missed you can still restore your data prior to it being compromised and encrypted for ransomware.

Talk to one of our cybersecurity professionals to help your business from being compromised and having to potentially pay ransom for your data. Our Managed IT Services customers take advantage of our BundleIT™ packages that include comprehensive services for your business and can be sure all cybersecurity issues are being addressed including making ransomware attacks.

JNS is a Barracuda Network Partner and also partners with other top cybersecurity manufacturers to help deliver solutions for your business to help your business stay safe. Call us or schedule a free consultation today to learn more.