Ransomware Attack in New Mexico: A ‘Gut-Check’ for Local Government Entities

Ransomware Strikes New Mexico

On January 5, 2022, between midnight and 5:30 a.m., ransomware struck Bernalillo County, New Mexico. The Albuquerque Journal reported that the attack affected “a wide variety of county government operations. Most county buildings were closed,” which halted many of the county’s operations.

All Bernalillo County websites were offline as a result of the cyberattack, which made working with the public very difficult, but most concerning was the way the county-operated jail was affected. Government officials were unable to access cameras, which caused inmates to be temporarily limited to their cells. Inmates also had reduced access to telephones and tablets and were unable to have visitors. The facility was on lockdown for several days following the attack.

Bernalillo County was not the first local government entity hit by ransomware and certainly will not be the last. These ransomware attacks are frequent; they not only disrupt government services but can also compromise data and have significant impacts on local communities.

Ransomware Attacks Targeting Local Government Entities

According to The Washington Post, in 2019 cybersecurity experts noticed a significant increase in ransomware attacks on municipalities, cities, and towns across the country, and these attacks continue to trend upward. Cyber criminals target local governments because these organizations often have limited personnel, equipment, budget, and resources to devote to cybersecurity.

The FBI has said that local government entities will continue to experience ransomware attacks, especially as “deployment and targeting tactics evolve, further endangering public health, safety, and resulting in significant financial liabilities.”

Is your City/State/Municipality Prepared?

Months later, Bernalillo County continues to feel the effects of this ransomware attack. This devastating attack certainly serves as a gut check for other local government entities. Are you prepared to withstand a ransomware attack? Do you have a data backup strategy in place? Are your employees adequately informed, and do they understand the risks and vulnerabilities?

ENSURE you are SECURE

Trinsio is a data backup solution that will ensure that your data is secure. As a Rubrik strategic partner, Trinsio offers top-of-the-line technology for a fraction of the cost. Trinsio understands that your small town is important to you and will help you first understand your data and then create a plan to protect it.

Businesses Are Losing Money Over Data Management Deficiencies

Across the world, more than 2.5 quintillion bytes of data are created daily. You read that right: 2.5 quintillion! Let’s look at that number another way: over 2.5 trillion megabytes of data are created daily. That is the equivalent of 500 million 4-minute songs. And most of the world’s data has been created in the last 4 years. This presents a new problem people couldn’t fathom 10 years ago: data sprawl.

Defining Data Sprawl

Data sprawl is the term used to describe the colossal amount of data that enterprises create daily. The problem is that so much data is being created that it is becoming increasingly difficult to manage. An IDC White Paper study commissioned by Rubrik brought more insight into the ever-growing issues of data sprawl.

In conjunction with the study, IDC director Phil Goodwin said, “Valuable data is now commonly spread across multiple physical locations and different repository types. This creates a problem of data sprawl and fragmentation, meaning that appropriate stakeholders do not have access or know where to find the right data to make informed business decisions. As a result, they are unable to leverage their data to its fullest extent. It also stymies robust AI, machine learning, analytics, and compliance solutions that need enterprise visibility to operate optimally.”

The Results of the IDC White Paper study

As Goodwin describes, the results of the IDC study showed that those who have not implemented data management solutions are at a severe disadvantage to those who have. The study revealed that businesses without any data management solution incurred 66 percent more operational costs. Additionally, they were 67 percent slower to market than their contemporary competitors.

In contrast, those with data management solutions earned 69 percent more revenue and 57 percent more profit than their legacy competitors. Putting the money aside, businesses with data management solutions were still at an advantage: they reported 72 percent greater customer satisfaction and were able to deploy 62 percent more new products and services than their competitors, giving them a huge advantage in their respective markets. The study also reported that the staff of these businesses were 24 percent more productive.

The Solution

The study also showed that only 9.2% of the companies who were surveyed had implemented some type of data management solution. It’s obvious that these businesses need to do something about the large amounts of data they are producing every day, or risk becoming obsolete. 

“As the amount of data generated by enterprise organizations continues to skyrocket, a powerful, policy-driven data management platform is imperative to business success,” observes Chris Wahl, Chief Technologist at Rubrik. “Many organizations still struggle to manage and secure their data as they adopt cloud strategies, which will only contribute to the data fragmentation problem.”

Businesses looking to leverage their data stores for increased profits should look no further than Rubrik, which offers solutions to data sprawl. Since its beginnings, Rubrik’s mindset has been focused on providing insight into customer data and its solutions have mirrored that focus. Its data management platform easily connects to all different types of environments and backs up to the cloud, helping customers consolidate their data center space. To learn how Rubrik can help your business manage your data, visit our website or give us a call at 385-283-1800.

I’ve Been Hit by Ransomware… What Now?

In an article titled “Best practices to remediate a ransomware attack” published through Business & Finance, Filip Verloy, Field CTO EMEA of Rubrik says, “As the use of remote working rises, so do potential threats and vulnerabilities, especially within a smaller business which might not have stringent home working security measures in place. People have been forced to adopt new ways of working at an accelerated pace.” Verloy states the importance of protecting your company from cyberattacks that could come as a result of remote working. He advises every company to “create a ‘work from home guide’ for employees, explain which tools are ok, what basic security measures are expected, and who is responsible for implementing them.”

The FBI has estimated that ransomware will be a $1 billion market in 2021. If a company or organization is not prepared, they may feel that paying the ransom is their only option. The recovery process can be very difficult because it is expensive and there is no guarantee you’ll get all your files back. Waiting until you fall victim to a cyberattack to develop a data recovery plan is not effective and can be detrimental to your business. It is important to decide now on a backup and recovery solution to ensure your data is secure.

Business & Finance published “Best practices to remediate a ransomware attack” to help you develop your ransomware remediation plan just in case an attack occurs.

You Have Been Hit by Ransomware – What Now?

1. Isolate the infected station from the network.

This is done to prevent the infection from spreading to other devices. Disconnect the network cable, WiFi, USB devices, etc. and power off the affected devices to try to contain the damage.

2. Ensure backups have not been compromised.

Be sure backup data is not in read/write mode, because writable backup data can be manipulated or deleted by the attacker.

3. Identify the infection.

Ask yourself the following questions: What kind of ransomware are you facing? How did it enter your system? Phishing scam? Stolen user credentials?

4. Determine your options.

There are several options available as you try to recover from an attack: pay the ransom, try to remove the malware, or recover from backups. Unfortunately, paying a ransom does not guarantee the recovery of all your data, and may encourage the attacker further because their attack was successful. Trying to remove the malware has become increasingly difficult as ransomware has become more sophisticated and mutates frequently. If you have a robust backup system, you should be able to restore all data from the most recent backup without paying the ransom.

After you have taken these steps, be sure to notify your team, discover which files are corrupted, restore your files, and inform law enforcement, customers, and other authorities. 
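One way to carry out step 2 on a file-based backup set, shown as an added example that is not from the original post or from any vendor tooling: compare the backup tree against a SHA-256 manifest recorded when the backup was taken, and flag files that are still writable. The manifest format, file names, and sample data are assumptions constructed for illustration.

```python
import hashlib
import stat
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large backup files do not exhaust memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Record relative path -> SHA-256 at backup time.
    Store the result somewhere the backup host cannot write to."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def audit_backup(root: Path, manifest: dict) -> dict:
    """Compare the backup tree with the trusted manifest before restoring."""
    findings = {"modified": [], "missing": [], "unexpected": [], "writable": []}
    seen = set()
    for p in sorted(root.rglob("*")):
        if not p.is_file():
            continue
        rel = p.relative_to(root).as_posix()
        seen.add(rel)
        if rel not in manifest:
            findings["unexpected"].append(rel)   # e.g. a dropped ransom note
        elif sha256_file(p) != manifest[rel]:
            findings["modified"].append(rel)     # content changed since backup
        # Any write bit means the file is in "read/write mode" for someone.
        if p.stat().st_mode & (stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH):
            findings["writable"].append(rel)
    findings["missing"] = sorted(set(manifest) - seen)
    return findings


def demo() -> dict:
    """Constructed sample: three read-only backup files, then simulated damage."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        samples = [("db/records.bak", b"booking records"),
                   ("docs/policy.bak", b"policy documents"),
                   ("mail/inbox.bak", b"mail archive")]
        for name, data in samples:
            f = root / name
            f.parent.mkdir(parents=True, exist_ok=True)
            f.write_bytes(data)
            f.chmod(0o444)                       # read-only after the backup run
        manifest = build_manifest(root)

        # Simulated damage: one file overwritten, one deleted, one file added.
        victim = root / "db/records.bak"
        victim.chmod(0o644)
        victim.write_bytes(b"\x00unreadable bytes")
        (root / "mail/inbox.bak").unlink()
        note = root / "README_RESTORE.txt"
        note.write_text("constructed placeholder file")
        note.chmod(0o644)
        return audit_backup(root, manifest)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

A clean result is four empty lists; anything else means that backup set should not be used for restore until an older or off-site copy has been checked.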

How to Prepare

One of the best ways to prepare for a ransomware attack is to make sure your data is backed up in multiple places. Joel Witts with Expert Insights said, “In the event of a ransomware attack, backing up data means you will be able to mitigate the loss of any encrypted files and regain functionality of systems.”

Trinsio offers full-featured, Rubrik-powered data management with global searchability, instant recovery, and data immutability. We also offer local and cloud data replication to be sure your data is secure. With more than 30 years of experience in cloud, data center colocation, and communications, Trinsio can provide you with a solution you can trust.

Five Tips to Reduce Your Ransomware Attack Surface

When it comes to protecting ourselves against ransomware, there is no one magic thing that we can do to make us immune to attacks. Cybersecurity is about creating a layered defense and covering all bases. This takes time and resources but is crucial to the success of businesses of all sizes.

While some networks will require special deliberation, there are steps that all businesses can take to secure their business systems. Here are five tips to reduce your ransomware attack surface and build a strong defense against cyber threats:

1. Patch software

One of the most obvious things a company can do to secure its network is to patch its software. Leaving software unpatched is like inviting the hacker in through your front door and asking them to help themselves. By patching your system’s software, you are closing the door to attacks based on known vulnerabilities. The 2017 WannaCry ransomware attacks are an excellent example of this: a known vulnerability was patched and published by Microsoft. However, many people were not on top of updating their software; they were attacked in the months following and were forced to pay the ransom or lose their data.

Patching your software promptly forces hackers to look for more creative ways to get access to your sensitive data, like looking for undiscovered vulnerabilities, which can be much harder.

2. Least privilege policies

Least privilege means limiting access to data to those users who explicitly need access. This can mean assigning access to only certain parts of the network for some users. Because of this, implementing least privilege policies in your IT environment allows for better visibility into data movement. By knowing who is allowed access to certain parts of the network, you can see who is accessing data and when, and more easily identify unauthorized access to sensitive data.

3. Strong Password Policies

According to Google, compromised passwords are the number one reason that websites are hacked. A compromised password can be obtained by the hacker on the dark web, or through brute-force guessing techniques. An analysis by Skyhigh Networks found that the same 20 passwords made up 10.3% of 11 million stolen passwords for cloud services, or about 1.13 million passwords. These same passwords can be cracked in less than 1 second. All of these facts should convince you of the necessity of creating strong passwords. Besides avoiding common, guessable passwords, don’t make these other common password mistakes:

  • Using the same 2 passwords. Did you know that over two-thirds of people only use 2 passwords? Using the same passwords for different accounts can lead to all your accounts being compromised when one is hacked.
  • Keeping your passwords in an unsecured place. Around 40% of organizations keep privileged passwords in a Word document or spreadsheet, one of the least secure places to keep privileged information. Instead, try using a password manager, or something similar that limits access to sensitive information.
  • Never changing passwords. Keeping the same password for your email account since your freshman year in college increases your chances of using a compromised password. Frequently updating passwords can prevent access by those who knew your password at one time.

4. Educate Organization Members

The members of your organization can be your weakest links if they are not trained appropriately to have good cyber hygiene, including how to identify phishing emails and other cyberthreats.

5. Secure remote access pathways

Be cautious of external vendors who have access to your network. Vendors may not have the same level of security protocols as your organization, and may not be as careful about keeping information secure. To compensate for their potential lack of security, limit access to resources in your network to a single access pathway, giving you more visibility into traffic going in and out. Here you can also implement granular, role-based access to prevent the over-exposure of sensitive information to unwanted users.

BONUS TIP: Keep your backups separate from your main network and off-prem

As your last line of defense, your backups should not be on the same network as the rest of your data. Doing so exposes your backups to the same threats as your active data, so when you need to restore from your backups, there is a much smaller chance that they will have escaped the ransomware that rendered your active data useless.

Keeping your backups on a different network and off-site allows for a barrier of protection between the backups and the active data. For some backup solutions, this can mean a slower recovery, which can be detrimental to any organization. With Rubrik cloud data management, you can restore from your backups almost instantly from immutable backup stores, even when backups are stored off-site. Rubrik was built to be ransomware proof and boasts features like data immutability and end-to-end encryption.

We Critiqued Organizations’ Reactions to Recent Ransomware Attacks

With ransomware so often in the news, are organizations really shaping up their IT infrastructure? Organizations are increasing cybersecurity budgets and investing in security metrics to avoid being subject to data breaches. Despite their efforts, the number of successful cyberattacks is increasing, along with the number of companies who feel that they are likely to be compromised in the following year (Source: CyberEdge).

What’s the best way to determine how prepared organizations really are? Test them. One way or another, the organizations will be tested; it is just up to the owners whether it is in a controlled environment or the real deal. And since some organizations have recently been “tested”, let’s see how they responded.

Travelex 

If this were a college course, Travelex would have failed and been required to retake it. Unfortunately for them, after this attack, they definitely will “retake it” some day, and probably soon. Travelex, a London-based foreign exchange company, paid a staggering $2.3 million worth of bitcoin to hackers to reclaim access to their computer systems which were compromised by a ransomware attack discovered on New Year’s Eve 2019. A group who claimed to be behind the attack said they had access to the company’s data 6 months earlier, since the summer of 2019.

Despite paying the ransom, Travelex was not able to get its business back to regular operations until over one and a half months later. Only the company’s website remained operational in the attack, with online transactions suspended, and locations being forced to return to physical records. 

Overall Score: Very Poor

Overall, Travelex’s response to the New Year’s Eve ransomware attack was very poor. They didn’t discover it for 6 months, and were severely underprepared, with no backups to get them back to working order quickly.

Preparation: Very Poor

Discovery: Very Poor

Reaction: Very Poor

Recovery: Very Poor

Coffee County Sheriff’s Department

Coffee County Sheriff’s Department in Tennessee was attacked last Monday by ransomware. Employees at the jail noticed files mysteriously moving earlier, but discovered that their entire system was encrypted Monday morning. The compromised data included files and arrest, booking and sentencing records for all the inmates. They were sent a ransomware demand, but are instead electing to use paper back-ups. 

Overall Score: Poor

While the sheriff’s department did not pay the ransomware demand, they were still inadequately prepared for the attack, and are now being forced to use paper backups, which is painful and slow. Other working backups could have decreased downtime significantly and prevented data loss. Additionally, the employees were not trained well enough to understand what the suspicious movement of the files meant. If the employees had understood, some or all of the data loss could have been prevented.

Preparation: Poor

Discovery: Very Poor

Reaction: Moderate

Recovery: Very Poor

Finastra

The data breach that began in mid-March was discovered after the hackers’ malicious activity set off an alarm from one of Finastra’s cloud servers, alerting its security team. After being discovered, the hackers worked quickly to begin the ransomware attack. To prevent irreversible damage, Finastra took the affected servers offline, which also stopped delivering services for many of its customers. This came at a time when Finastra was working on new emergency plans due to COVID-19.

Overall Score: Moderate

While Finastra did react quickly to the ransomware attack, their preparation and recovery were very poor. Finastra neglected to fix many known software issues, which aided the hackers in their attack. Finastra correctly refused to pay the ransom, saying “Paying the ransom just makes you a bigger target for next time.” However, recovering and rebuilding their servers from their backups will be a long and painful process, leading to long periods of downtime and service loss.

Preparation: Very Poor

Discovery: Moderate

Reaction: Excellent

Recovery: Poor

Durham City

Last month, Durham City, North Carolina, was hit with ransomware. The malware spread after an internal employee clicked on a malicious email. After discovering the ransomware, the city quickly took affected systems offline as part of their cybercontingency plan. They were then able to quickly restore systems from working backups which had not been compromised by the ransomware because of their immutability and distance from the on-site data.

Overall Score: Excellent

Durham City was well prepared to combat the ransomware attack with a cybercontingency plan and working, fast backups from Rubrik. Additionally, the city routinely and frequently holds security trainings for employees to prevent them from falling prey to phishing emails. They were quick to react and recover, preventing extended data loss and downtime.

Preparation: Good

Discovery: Excellent

Reaction: Excellent

Recovery: Excellent

Guaranteed Excellent Recoveries

Rubrik is an award-winning, industry-leading, enterprise-level backup and recovery service that leverages an all-in-one software to bring you near-zero RTOs and instant recovery. Rubrik requires little daily management time, so you don’t have to babysit your backups all day to make sure they are ready when you need them.

Businesses not only save up to 50% when switching to Rubrik (and more with Trinsio), but they get more relevant, security-focused services like immutable backups and ransomware detection with Polaris Radar.

Not convinced? Try Rubrik free for 30 days with Trinsio. Sign up here or contact a Trinsio representative to get started.

Bridge to Brik

We understand that your data is important. The need for businesses to have a data backup and recovery plan in place cannot be overstated. Hard drive failure, file corruption, cyber crime, or even a virus could possibly wipe out all your important files and leave your business in ruins. As the frequency of these cybersecurity threats continues to climb, so does your chance of being affected.

Rubrik Technology

Rubrik has created cloud data management and enterprise backup software that instills confidence in organizations that their data will be protected. A few of the ways it helps to protect and recover your data are end-to-end encryption, immutability to fight ransomware, near-zero recovery times, and data replication.

What About Small Businesses and the Mid-Sized Market?

The technology Rubrik offers is targeted towards large enterprises and has benefited them greatly over the years. Many small businesses understand the need for a data backup and recovery plan and want to utilize Rubrik’s amazing technology but may not be able to commit to purchasing a Brik. Reasons for this may include not having the budget, wanting to test the features before committing, or rethinking their purchasing decisions as a result of the current pandemic. As a Rubrik strategic partner, Trinsio utilizes Rubrik software but provides data management solutions that are specifically built for the small business and mid-sized market.

Bridge to Brik

Bridge-to-brik gives every customer the ability to tap into Rubrik’s enterprise backup system. Trinsio’s ‘bridge-to-brik’ strategy allows the customer to start with Rubrik technology in a cost-effective way, as low as $200 per Terabyte, and then transition to a Brik purchase when they feel they are ready. We offer a monthly consumption-based service that allows organizations of any size to take advantage of all the features of Rubrik, and easily migrate to a Brik later. Trinsio will nurture the customer, help them understand the features and functions, and ultimately create a data management plan.

Free 30-Day Trial

We encourage your business or organization to put our technology to the test. Utilizing our free 30-day trial gives you an opportunity to become familiar with the software and the various features included and then build a plan fitted to your business or organization.

Durham City Wins The Battle Against Ransomware

On Friday, March 6th, the City of Durham and Durham County governments fell victim to a ransomware attack. A statement released on Sunday described the attack in more detail, explaining that it originated from a malicious email attachment and then spread across network servers. The effects of this attack could have been detrimental because very sensitive information is held on their servers. Durham City responded to this attack as quickly as they could, taking networks and phones offline in an effort to minimize the damage.

Ransomware attacks on governments in the US rose 28% in 2018 from the previous year. This number is predicted to continue to rise. Not only has the number of ransomware attacks continued to increase, but so have the ransom amounts. In Riviera Beach, attackers demanded $600,000, and less than two weeks earlier, $500,000 from Lake City, Florida. According to Nathaniel Popper, “security experts said that even these numbers underestimate the true cost of ransomware attacks, which have disrupted factories and basic infrastructure and forced businesses to shut down.” The importance of having a plan in place to protect your data from malware cannot be overstated.

Luckily, Durham City had installed Rubrik technology and was prepared for this kind of attack. Leaders of the city say that they are hoping to have all their systems completely up and running in several days. Kerry Goode, the CEO and Director of Technology Solutions, said Rubrik technology “is one of the leading backup systems you can purchase” and they decided they needed to have it because “it was a backup system that could not be consumed by ransomware.”

Trinsio offers great protection including immutability for ransomware and end-to-end encryption. We know how critical your data and network are to you and your citizens because we are your citizens. That is why we partner with Rubrik, to bring stability and security to your organization so you can rest easy, despite the odds.

US Natural Gas Facility Hit with Ransomware

Unsurprisingly, we have another ransomware attack on the books. Yesterday, a malicious link was sent to staff at a US natural gas facility. As a result, staff was forced to shut down the entire pipeline asset for two days.

Facility Inadequately Prepared

This organization was simply not prepared for this sort of an attack. CISA stated, regarding the issue, “The victim cited gaps in cybersecurity knowledge and the wide range of possible scenarios as reasons for failing to adequately incorporate cybersecurity into emergency response planning.” CISA encourages all organizations to have a plan that considers the effects of these attacks. Companies should see this as a warning of the ways that ransomware can affect operations.

What is ransomware?

Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim in exchange for access to the data. This kind of malware can be devastating to an organization, and recovery has proven to be a very difficult process. Some victims pay the ransom in an effort to recover the files, but even then, there are no guarantees victims will get their files back.

Ransomware Doesn’t Have to End in Disaster

In contrast to the incident at the natural gas facility, Kern Medical Center, a large Level II trauma healthcare organization in Bakersfield, California, experienced a ransomware attack in June that penetrated their system, rendering it unusable. An attack on a healthcare facility obviously raises significant concerns because the systems need to be readily available at all times to ensure patient survival. Kern Medical Center had a data recovery plan in place, and as a result, they were able to get their systems up and running quickly while recovering 100% of their data. What could have been a devastating event ended up being a situation completely under control.

Craig Witmer, CTO of Kern Medical Center, claims that “With our legacy system, restores could take hours— even if we had the necessary tapes onsite. Rubrik allows us to restore in seconds.” He also noted that an important feature of the technology is the at-a-glance view. With Rubrik, they are able to check all their systems in just a few minutes.

The difference in the preparedness of these two organizations is significant. Ransomware attacks are becoming more and more deliberate. It would be highly beneficial for every company to have a plan in place in an effort to keep their data safe.