Wednesday, October 07, 2015

Keeping Ransomware Out of the VAULT

by Alex Woodie, IT Jungle

Cyber-criminals are increasingly targeting small and midsize American businesses with ransomware that encrypts the contents of a PC or a server until the victim pays $500, $1,000, or more in untraceable Bitcoin. After several of United Computer Group's VAULT400 customers were hit with ransomware scams, the company decided to team up with the security training company KnowBe4 to teach VAULT400 customers how to avoid falling victim to a ransomware scam.

A ransomware epidemic is spreading across the country, impacting organizations of all shapes and sizes. "Never before in the history of human kind have people across the world been subjected to extortion on a massive scale as they are today," the security software company Symantec says in its recent whitepaper on ransomware.

UCG chief executive Jim Kandrac tells IT Jungle that several VAULT400 customers succumbed to ransomware attacks recently--mostly by clicking on malicious emails sent as part of a spear phishing attack. The compromises didn't involve the IBM i servers or data. Instead, the attacks resulted in the hard drives of Windows PCs and servers being encrypted.

While UCG could have helped the customers by recovering their data from backups stored by VAULT400 (the company backs up up data from Windows servers and other platforms too), most of the victims choose to pay the ransom rather than recover their data. According to Kandrac, the problem comes down to lost time, which is lost money in the business world.

"We can wipe their system and restore the data, but it takes a bit of time--two to three days if they don't have high availability," Kandrac says. "The other thing is, they can pay the ransomware, but if they don't have a Bitcoin account, that can take up to three days to set up."

Kandrac was hesitant at first to get involved. "This isn't our marketplace," he said. "This isn't what we do. But more and more it affected us, and we genuinely felt bad because we've got the data protected, but these guys are getting hit."

The FBI shut down a big CryptoLocker server last year but other ransomware scams remain.

So UCG turned to KnowBe4, a Tampa, Florida, company that specializes in training employees how to identify and not fall victim to the various cyber-scams circulating on the Net. Today, all VAULT400 customers get access to KnowBe4's ransomware awareness training for 25 to 50 users as part of the base subscription.  

Read full article in IT Jungle.

Sign up for a Free Phishing SecurityTest at

Related blog post: UCG Partners with Leading Cyber Security Firm KnowBe4