1272 Bond Street, Naperville, IL 60563 630-505-7500
Security

Securing information is becoming more important than ever. Damages from cybercrime are expected to exceed $6 trillion annually by 2021. Malware is constantly evolving; DDoS attacks are on an exponential rise and ransomware is no longer just a threat to enterprise organizations, but to every company that is online.

With state-sponsored cyberattacks growing in frequency and sophistication and threat actors being governments and professional organizations who focus on hiring the best talent, the profile of a cybercriminal is no longer an early-twentysomething hacking from his mother’s basement.

It goes without saying, the cybersecurity field is in HIGH demand. There is a negative unemployment rate and a huge skills gap with an expected shortage of 2 million positions by 2019. Only one in three IT leaders believe they have the skills in-house to address their needs. That means demand for security professionals and solutions is only growing and it comes from businesses of all sizes and industries. 

The biggest vulnerabilities companies face include:

DDoS Attacks

A distributed denial of service (DDoS) attack is an attempt to block an online service by flooding it with traffic. You may be familiar with last year’s DDoS attack on Dyn which disrupted thousands of sites across the US and Europe. For any company that has a mostly online presence like an ecommerce retailer or someone who captures leads online, a DDoS attack could be very costly to their business.

Malware

Short for malicious software, malware comes in a number of forms, from viruses and worms to spyware and Trojans, all designed to be undetected and transmit personal data. Credit card numbers still have their value, but it is pennies compared to the premium paid for healthcare records on the black market. These threats make their way in through social engineering, outdated software, EOL machines, non-password-protected IoT devices and basic human error.

Ransomware

Ransomware happens as a result of social engineering and phishing schemes and attempts to extort money out of victims by locking them out of their files. No matter how smart people are, they do stupid things like click an email from a “Nigerian Prince”.

Social Engineering and Human Error

Referenced as a cause for all the items listed above, human error happens. The best line of defense against these cyberthreats is well trained personnel. As attacks become more sophisticated, even the most email-savvy employees fall victim to social engineering. Poor password hygiene and incomplete exit strategies for departing employees also leave companies in vulnerable positions.


So where to start? We are here to educate and work together on a strategic roadmap. Let’s start with a no-obligation security assessment.


Security
Article by ATI Partner Chris Nyhuis, CEO – Vigilant 

In today’s world of cybersecurity incident response, we are seeing evolving threats that standard detection can no longer catch. You heard that right: effective, evolving threats that can move around artificial intelligence behavior analytics and SIEM. To make it worse, if the security services and solutions you are using are easy to purchase, threat actors can purchase them too and test against them in their labs prior to attacking, bringing them success on the first try.

One of these evolving tactics is in the realm of ransomware. Traditionally, ransomware was thrown to the wind by the attacker, hoping to hit a random company that the attacker could charge a lion’s share of bitcoin after encrypting all its data. This approach was successful for quite some time; however, the good guys realized that with the proper backup strategy a company can respond and recover the encrypted data fast, taking the wind out of the sails of the attack and money out of the attackers’ pockets.

Ransomware went dormant for a while, which, for us in the security community, meant there was some regrouping and that there would be another trick up their sleeve. Silence means a wave is on the horizon.

Here’s what they are doing now and it’s ingenious.

  • Attacker enters the company using everyday malware, not anything special. 
  • Next, they manually jump off that original computer before it’s cleaned by AV and pivot to a few other systems so they have redundancy in their control of the network.
  • The attacker then manually identifies and takes over critical servers within the customer’s environment. Notice the manual actions here: manual attacks are not easy to detect, so most organizations’ security solutions will miss them.
    • They take over the following:
      • Firewalls – Ability to Defend
      • Exchange – Ability to Communicate
      • File Servers – Customer’s Data
      • Active Directory – Ability to Control Access
      • Backup Servers – Ability to Recover
  • Once they are on all of these, they perform a surgical encryption of these systems. Not widespread, but surgical, and at that point the company’s entire data structure and recovery ability is gone.
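
One way a defender could watch for the pattern in the list above, shown as an added example that is not part of the original article and not Vigilant's tooling: correlate logons so that a single account and source machine touching several of the listed critical roles, backups included, within a short window raises an alert. The hostnames, accounts, log format, window and threshold are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Hypothetical inventory: hostname -> critical role from the list above.
CRITICAL_ROLES = {
    "fw-mgmt01": "firewall",
    "exch01": "exchange",
    "fs01": "file_server",
    "dc01": "active_directory",
    "bkp01": "backup",
}

# Constructed sample logon events: (ISO time, account, source host, destination host).
SAMPLE_EVENTS = [
    ("2024-01-10T02:01:00", "svc_helpdesk", "ws-114", "fs01"),
    ("2024-01-10T02:09:00", "svc_helpdesk", "ws-114", "dc01"),
    ("2024-01-10T02:20:00", "svc_helpdesk", "ws-114", "exch01"),
    ("2024-01-10T02:31:00", "svc_helpdesk", "ws-114", "bkp01"),
    ("2024-01-10T09:00:00", "jsmith", "ws-020", "fs01"),
    ("2024-01-10T09:05:00", "jsmith", "ws-020", "exch01"),
    ("2024-01-10T03:00:00", "bkp_admin", "adm-01", "bkp01"),
    ("2024-01-11T03:00:00", "bkp_admin", "adm-01", "dc01"),
]

def find_critical_sweeps(events, roles=CRITICAL_ROLES,
                         window=timedelta(hours=1), min_roles=3):
    """Flag (account, source) pairs that log on to >= min_roles distinct
    critical roles inside one sliding window, backup server included."""
    by_actor = {}
    for ts, account, src, dst in events:
        if dst in roles:  # ignore logons to non-critical hosts
            by_actor.setdefault((account, src), []).append(
                (datetime.fromisoformat(ts), roles[dst]))
    alerts = []
    for actor, hits in sorted(by_actor.items()):
        hits.sort()
        for i, (start, _) in enumerate(hits):
            seen = {role for t, role in hits[i:] if t - start <= window}
            if len(seen) >= min_roles and "backup" in seen:
                alerts.append({"account": actor[0], "source": actor[1],
                               "roles": sorted(seen), "start": start.isoformat()})
                break  # one alert per actor is enough for triage
    return alerts

if __name__ == "__main__":
    for alert in find_critical_sweeps(SAMPLE_EVENTS):
        print(alert)
```
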


Did you see that? The attacker took out a company’s ability to RECOVER by destroying their backups! You can see that the threats your customers face each day are not automated, dumb attacks. Threat actors can make significant revenue with these attacks; they are smart, agile and evolve in minutes. Vigilant has been contacted by three companies in the last week, ranging from 10 Million in revenue to 2.2 Billion in size, completely encrypted and shut down. Two of them will go out of business and one will recover. The hard part for us is knowing that if we were there prior to the attack we could have stopped all three from happening.

Vigilant is a Security as a Service organization that specializes in:

  • Intrusion Detection
  • Intrusion Prevention 
  • Incident Response 
  • Targeted Vulnerability Management

Vigilant performs a 5-day, no-cost threat assessment for your customers to show them a much different and effective approach to security. Schedule one today.


Learn more about managed security with Vigilant’s CyberDNA. 