Last month, the Los Angeles Community College District announced that Los Angeles Valley College had been victimized in a ransomware attack to the tune of $28,000 in bitcoins.
If you feel you've been hearing a lot more about such attacks in the news, you're not mistaken: In an international study conducted by Osterman Research, nearly 80% of US enterprises were subject to a cyber-attack last year and half of those experienced some kind of ransomware incident.
We've also been seeing an increase in spearphishing attempts and threats to our clients in both the education and enterprise markets. Training your staff to recognize malevolent email links is an essential defense, but as criminals get better at counterfeiting official-looking emails and websites, training will only get you so far.
The Solution to Cybercrime: A Multi-Layered Security Plan
1. Begin by assessing your current security setup: A scanning tool can detect any viruses, malware, botnets or backdoors currently lurking within your system, or web services that link to malicious content.
2. Email is the preferred means of entry for ransomware attacks. In 2017, simple spam filtering isn't enough. You need a complete email protection system that shields you from phishing and includes end-to-end encryption, archiving tools, and data loss protection.
3. Clever criminals are creating ever more accurate-looking clones of legitimate web pages containing malware, so web content filtering is also a must.
4. Botnets, spoofing, and Trojan horses can be stopped in their tracks with the network and application security provided by a Next Generation Firewall.
5. BYOD is no longer a question: Your staff, your management, and on-site visitors are carrying an increasing number of devices and clamoring for network access. Manage them all securely with a platform like Aruba's ClearPass System.
6. Legacy antivirus platform solutions that rely on signatures simply cannot spot the evolving behaviors of modern ransomware, some of which employs polymorphic (shapeshifting) code to evade detection. Your network needs Endpoint Protection that can monitor, fight, and defeat modern ransomware threats on every network device.
7. Stay aware of who is trying to attack your network and mitigate damage with 24x7x365 Threat Detection and Monitoring. Our ThreatRespond system operates 24/7 and includes collection and parsing of your networks' event logs and device information. This includes port scans, denied scans, anomalies in traffic and logons, authentication failures, and other irregularities - all correlated in an advanced, cloud-based SIEM infrastructure and then scrutinized by a team of human security engineers to eliminate false positives.
8. Should crypto-malware get through all these defenses, we highly recommend Datto's BDR Solution as a final line of defense that will keep your data backed up continuously and allow whole infrastructures to be spun back up in a matter of seconds. With scalable storage options, extremely fast recovery times, and 24/7/365 support, we feel it's the very best that data protection has to offer.
PUTTING YOUR BEST DEFENSE FORWARD
The analysts at Gartner note that with tens of thousands of new kinds of attacks launched around the globe daily, perfect protection against all intrusions is simply not possible. But with a multi-layered security plan in place - including tools for detection and recovery - you are arming yourself with the best defense for your organization and data.