Ransomware continues to be a daily headline in the news. In the past week, we have
seen Honda, CFO, and Microsoft. In 2019,the Internet Crime Complaint Center (IC3)
received 2,047 ransomware complaints, with losses over $8.9 million.
To prevent ransomware from infecting an organization, deploy SecureCircle and an
Endpoint Detection and Response (EDR) solution such as Crowdstrike. SecureCircle
will ensure that unauthorized users cannot access any data that leaves an organization.
EDR will block known ransomware and stop the execution of ransomware via
unpatched vulnerabilities. SecureCircle and EDR provide a productive ransomware
There are a few types of ransomware attacks.
Crypto ransomware encrypts valuable files on a computer so that the
organization cannot access them. Thieves ask for money to get their files back
Locker ransomware does not encrypt files. It locks the victim out of their device,
preventing them from using it.
Data theft ransomware may or may not encrypt the data on a computer, but it will
transfer the data to an offsite location. The thieves ask for money to not release
the data to the public.
SecureCircle prevents data theft attacks such as the Grubman Shine Meiselas and
Sacks law firm. Data is always protected, and if data transfers to an offsite location, it
would be protected, and the thieves would not have any access to the content. Celebrity
legal content would not be published online.
Remediate the crypto and locker types of attacks with proper backup solutions. Backups
need to be isolated, so the attack does not compromise the backup data. The retention
window needs to be long enough that clean backups are available. While restoring data
can take time as well as reimagining computers to remove the attack, this option
provides a viable path to recovery.
SecureCircle recommends companies do not pay ransoms. There is no guarantee
paying payments will return data. Only 26% of US companies paying the ransom got
their files unlocked.
Companies have been desperate to find solutions to ransomware attacks, including
using decrypters found on the web. This week a fake STOP Djvu ransomware decryptor
was found that deploys new ransomware.
Paying a ransom or reversing the ransomware should not be relied on to keep
organizations safe. Instead, prevent ransomware with SecureCircle and a proper EDR