ransomware - the channel company€¦ · ransomware survey results 91% of it support providers...
TRANSCRIPT
Ransomware: DANGER AHEAD
BRIAN WEAVERVice President of Sales
What is Ransomware?
Encrypts files so you can’t use them
Encrypts all network shares
Demands money (in bitcoin) in order to gain access to your files
Ransomware is exponentially growing and spreading
Ransomware incidents are skyrocketing…
➢Over 4 million variants
➢Over $ 1 Billion paid to “unlock” data
➢Department of Homeland Security answer ??
➢Payment in Bitcoin, as it is untraceable
➢More sophisticated phishing techniques used
➢It isn’t a matter of “if” but “when” your company will be hit… will you be ready for it????
What does Ransomware Look Like?
Watch Your Back!
Don’t Become a Victim of a Hack!
8
WE’LL JUST RESTOREFROM OURBACKUP SOLUTION
NETWORK DOWNFORTWO DAYS
(FRIDAY & SATURDAY AFTER THANKSGIVING)
SFMTAPROVIDES735,000 RIDES A DAY($1 – 2.25 PER RIDER)
TOTALREVENUELOST
$1.5 – 3.3 MILLION!!
WannaCry
The next Epidemic…
US Dept. of Homeland Security Alert
Ransomware Survey Results
✓ 91% of IT support providers surveyed have dealt with ransomware in the past 2 years
✓ 43% have dealt with 6 or more instances of ransomware in the past 12 months
✓ 94% of ransomware victims had Anti-Virus/Anti-Malware in place
✓ Only 15% of ransomware victims had basic cyber security training for their employees before the attack
INVERSE TECHNOLOGIESRaaS Made Easy!
A Social Experiment…..
How Can I Safeguard My Company?
✓ Training: At least once/year, company wide & all new employees
✓ Make Certain Firewalls & Endpoint Security is up to date
✓ Keep up on the latest phishing methods & communicate them to all associates
✓ Look for unusual IT activity, executables running
What Happens When the Safeguards Fail?Early Detection is Key!
➢Ransomware leaves a footprint
➢Notification when a likely ransomware attack is occurring
➢ Identify the last clean backup for quick restore
What to Do If You Are Infected with Ransomware
✓ Have a Cyber Incident Response Plan in Place
✓ Don’t pay the ransom!
✓ Contact your IT Support provider
✓ Restore from a backup
Traditional Backup vs. Business Continuity
What isn’t CONTINUITY?
➢Cloud Only
➢Local Only
- Including Tape
➢File Based BackupDESKTOPS
PHYSICALSERVERS
CLOUDSERVERS
What is “CONTINUITY”?
Continuity is:
✓Hybrid cloud-based backup
✓ Image-based backup
✓Delivers superior
➢ RTO (how much downtime)
➢ RPO (how much data are you willing to lose)
✓Eliminates downtime (Virtualization)
Ransomware Trends in 2017
Targeted attacks on business more frequent (up 3x)
Spear phishing: using social media, mass exploits down 65%
New Ransomware variants dramatic growth (up 30x over 2016)
Ransomware-as-a-Service debut (Cerber affiliate program) 40%
Once attacked, majority of firms are infected (71%)
Beyond data encryption (threat to release data publically)
Delayed encryption (getting into more systems, vendor, customers, etc)
1100 MSPs surveyed from around the world about Ransomware
$75 billion in Downtime per year
Best Practices Elements for a BC/DR Solution:
Redundancy of back-up, no single point of failure (local & cloud – with multiple DC’s)
Fast Recovery Time Objective (RTO), dictates an image-based capability
Image-based for multiple operating environments (windows & linux)
Ability to run infrastructure from the Cloud environment, time enough for a physical infrastructure recovery
Continual confirmation that backups are happening as planned
Best Practices Elements for a BC/DR Solution:
Detection/alerting of “ransomware in progress” to potentially head off encryption before it happens
Ability for capacity for future growth in storage/disk space needed
Short Recovery Point (RPO)Technology that is not dependent on a string of prior backups all needing to be clean
No limit on Cloud Storage, enabling retention of historical data as long as needed
