Network Access August September 2019
News August/September 2019
Ransomware Demands Skyrocket GREEDY CYBERCRIMINALS AND THEIR RISING COSTS
It doesn’t seem that long ago that ransomware attacks became a premier choice for hackers and scam artists. One attack I vividly remember from the early days of ransomware was around 2012, when we helped a client with a locked-up computer that had been frozen with ransomware. The ransom that the perpetrators were asking for at the time was a nuisance amount of $300, and upon that payment, the scammers claimed they would unlock our client’s computers. Fast forward a few years, and those measly-yet- inappropriate requests had grown. When a similar situation occurred then, the ransom amount scammers requested before letting law enforcement unlock the victim’s files rose to about $1,500. Then, a couple years later, the ransom a hacker asked for jumped to $4,000, and last year, it was commonplace to see ransoms in the area of $30,000. That brings us to 2019, when we are now seeing targeted ransomware attacks by perpetrators who are demanding ransoms close to $200,000. And these are ransoms being placed on critical files and notes that organizations desperately need.
Christman — who you may remember from his recent segment on CBS’s “60 Minutes” — the dollar amount losses are severe. Christman says, “I’m aware of one ransomware variant that affected all 50 states that had some $30 million in losses and over $6 million in ransom payments. I would tell you that the losses are very significant and easily approach $100 million or more just in the United States.” There is nothing an organization can do to unlock these files except wipe the system clean and hope their backup strategy is adequate enough to replace the encrypted data. Of course, they could instead pay the ransom and hope they receive decryption keys that work. (Check Page 3 of this newsletter for an example of why this does not work.) However, as we all know, the old adage “Hope is not a strategy” always applies, especially when it comes to your IT services and critical files. Network Access offers comprehensive backup solutions that will secure your entire server to completely restore the environment, should an infection occur. No matter how much scammers think they can get away with, Network Access has a defense to thwart them.
“... as we all know, the old adage, ‘Hope is not a strategy’ always applies, especially when it comes to your IT services and critical files.”
Two major ransomware variants called SamSam and RYUK are doing this now. According to the FBI’s Mike
–Jim Barnes
Ransomware History
1
www.NetworkAccess.com
412-931-1111
Deep Dive WHAT IS THE DARK WEB ANYWAY?
Disconnected? The Value of High-Availability Internet/WAN for Your Business Stable Internet and WAN Connectivity Are Critical For many organizations, the loss of internet or wide area network (WAN) connectivity often causes a major business impact and can bring operations to a screeching halt. We all are relying on internet or WAN connectivity more for mission- critical applications, such as email, web access, chat, video training, cloud applications, and even VoIP. NetWatchman High-Availability Internet/WAN offers a combination of integrated, redundant communication failover technologies that provide for the automated recovery of a failed hardware device or telecommunications circuit. Professionally Customized for Your Business Needs NetWatchman High-Availability Internet/WAN will keep your internet or WAN always on and alleviate your organization from the following complex and time-consuming tasks: • Provisioning of enterprise-class communications infrastructure consistent with your bandwidth and support needs • Configuration and optimization of a comprehensive fault-tolerant infrastructure that will facilitate the automated failover to backup hardware devices, circuits, or VPNs • Complete installation, documentation, and network management setup by our own certified industry experts Enjoy the Following Worry-Free Benefits: • 24/7 monitoring and automated alert notification, 365 days a year • High-availability/fault-tolerant reliability • Quarterly failover testing • Full problem remediation of technology and carrier services NetWatchman High-Availability Internet/WAN will provide the fault- tolerant access you can count on for a secure, fast, and reliable data experience for your organization. By removing the need to manage the complex and confusing carrier and technical-implementation task, your organization’s time and energy can be directed to more important issues or projects. Built With Fortinet Network Access chooses Fortinet for their NetWatchman High- Availability Internet/WAN solutions for service you can rely on.
Follow us into the shadowy corners of the internet as we uncover … the dark web. You’ve probably heard of it, but do you know what it is or what it means? The dark web uses disguised IP addresses to preserve anonymity for the site owners and the users who visit it. You won’t find a dark web page via search engines, mostly because it’s full of criminal activity. Anything from illegal weapons to drugs, counterfeit items, hacked accounts and software, credit card numbers, and child pornography fill the dark web. Rumor has it that you can even hire a contract killer. According to the threat-intelligence company, Recorded Future, there are thousands of sites on the dark web that serve as marketplaces for hackers selling their services and the data they have stolen. Vulnerable points are exposed, and attack methods are discussed, developed, and sold on these forums. Dark web sites do not end in “.com” or any other common domains. Instead, they end with “onion,” which can only be reached from a Tor network. This is an anonymizing browser that reroutes your webpage requests through a series of proxy servers to hide your location. These sites are never simple names to memorize. For example, the popular site, Dream Market, goes by the address “eajwlvm3z2lcca76.onion.” It also often changes to avoid DDoS attacks. According to Recorded Future, users who visit the Hidden Wiki, a Tor-accessible directory of dark web sites, are three clicks away from 82% of the active dark web, although most will come up with 404 errors. Bitcoin, which allows two parties to make a private, trusted transaction, has been a huge reason the dark web has thrived. When buying something through the dark web, you aren’t usually dealing with honest people. Many times, an e-commerce provider will disappear with customers’ crypto coins. Dark web site owners will gain users’ trust through good comments and ratings, but once they have racked up enough money or feel they might be caught, they quickly change their URL.
Learn more about the dark web and other IT phenomena by visiting NetworkAccess.com.
2
412-931-1111
www.NetworkAccess.com
The Tale of Two Florida Cities
Dual Cities Pay Massive Ransom to Cybercriminals
Hackers are willing and ready to attack anyone with a vulnerable defense. There’s no such thing as a company or person who is “too small” for these kinds of attacks, and two Florida communities just learned this hard — and expensive — lesson. In June 2019, Riviera Beach, Florida, a small town of about 35,000 people, was ordered to pay a ransom of $600,000 to free their computers. On June 10, the IT systems around the city, including landline phones and emails, were under the control of hackers until payment was made. As time passed, this spread to other IT systems, locking down the city’s website, email server, and billing system, and it even affected 911 dispatch operations. The city of Riviera Beach voted unanimously to let its insurer pay 65 bitcoins, about $592,000, to the hackers behind the attack. Less than two weeks later, a second Florida community, Lake City, was hit with ransomware. City workers couldn’t access their email accounts, and members of the community could not pay
bills online. This cost Lake City 42 bitcoins, or about $500,000. Luckily, insurance will cover most of the ransom, but $10,000 will come from taxpayers. The problem with paying this ransom to hackers is that it will keep them funded and motivated to strike again. There is also a chance these cities will not get their data back at all, which is why law enforcement usually does not support paying ransoms. However, these Florida cities still paid the ransoms, and it poses many questions. The most pressing of these is, “Will cybercriminals attack other local or state governments?” Don’t let attackers and ransomware scam your company out of thousands of dollars. Let Network Access and our NetWatchman Services help you get the protection you and your customers need. Learn more by visiting NetworkAccess.com or calling 412-931-1111.
STRENGTHEN YOUR CYBERSECURITY VOCAB Word Search
Enter to win an Amazon gift card! Fill out this word search, snap a photo, and send it to info@networkaccess.com for the chance to win!
Ransomware Florida Cyberthreat Dark Web
Cryptolocker Wannacry Petya SamSam
Bitcoin DDos
3
www.NetworkAccess.com
412-931-1111
4580 McKnight Road, Pittsburgh, PA 15237
PRST STD US POSTAGE PAID BOISE, ID PERMIT 411
Ransomware Demands Skyrocket PAGE 1 What Is the Dark Web, Anyway? PAGE 2 Disconnected? PAGE 2 The Tale of Two Florida Cities PAGE 3 Word Search Contest PAGE 3 Streamlining Systems PAGE 4
STREAMLINING SYSTEMS Active Directory is a technology created by Microsoft that serves as the information- security foundation and single-sign-on platform for user access to networked-based resources. into a forest spanning multiple domains, increasing the complexity of daily operations, upgrades, and prospective migrations. This Staying Organized and Secure With Active Directory Managed Services
complexity can often result in mundane maintenance and security updates, such as disabling accounts and password- change management, which are commonly overlooked.
Providing a central point of control and management for user identification, authentication, and delegation, Active Directory enables administrators to assign policies, deploy software, and apply critical updates throughout an organization. Maintaining Your Active Directory Active Directory environments need to be maintained and updated to continue running smoothly. As business goals and personnel change, new requirements begin to develop, and updates and migrations will be required to keep Active Directory effective and secure.
best practices needed to keep your Active Directory environment secure, effective, and efficient. Network Access Advantage Network Access has the Microsoft-certified talent that will work with you strategically to tactically identify and accomplish your business-technology goals with confidence. Since 1992, Network Access has been a strategic business and technology partner helping our clients design, deploy, and support networks and systems in alignment with their business goals.
Troubleshooting and Problem Resolution
When the complexity of an Active Directory environment evolves, troubleshooting and problem resolution require very advanced Active Directory skill sets. This can be especially true if problems occur such as Active Directory database corruption, LDAP issues, application-access issues, exchange, and file/print problems. Network Access’ Active Directory managed security services are designed to assist organizations with the ongoing expertise and
In the normal course of business operations, Active Directory environments can evolve
4
412-931-1111
www.NetworkAccess.com
Page 1 Page 2 Page 3 Page 4Made with FlippingBook - professional solution for displaying marketing and sales documents online