Cyber-criminals are increasingly targeting small and midsize
American businesses with ransomware that encrypts the contents of a PC or a
server until the victim pays $500, $1,000, or more in untraceable Bitcoin.
After several of United Computer Group's VAULT400 customers were hit with
ransomware scams, the company decided to team up with the security training
company KnowBe4 to teach VAULT400 customers how to avoid falling victim to a
ransomware scam.
A ransomware epidemic is spreading across the country,
impacting organizations of all shapes and sizes. "Never before in the
history of human kind have people across the world been subjected to extortion
on a massive scale as they are today," the security software company
Symantec says in its recent whitepaper on ransomware.
UCG chief executive Jim Kandrac tells IT Jungle that several
VAULT400 customers succumbed to ransomware attacks recently--mostly by clicking
on malicious emails sent as part of a spear phishing attack. The compromises
didn't involve the IBM i servers or data. Instead, the attacks resulted in the
hard drives of Windows PCs and servers being encrypted.
While UCG could have helped the customers by recovering
their data from backups stored by VAULT400 (the company backs up up data from
Windows servers and other platforms too), most of the victims choose to pay the
ransom rather than recover their data. According to Kandrac, the problem comes
down to lost time, which is lost money in the business world.
"We can wipe their system and restore the data, but it
takes a bit of time--two to three days if they don't have high availability,"
Kandrac says. "The other thing is, they can pay the ransomware, but if
they don't have a Bitcoin account, that can take up to three days to set
up."
Kandrac was hesitant at first to get involved. "This
isn't our marketplace," he said. "This isn't what we do. But more and
more it affected us, and we genuinely felt bad because we've got the data
protected, but these guys are getting hit."
The FBI shut down a big CryptoLocker server last year but
other ransomware scams remain.
So UCG turned to KnowBe4, a Tampa, Florida, company that
specializes in training employees how to identify and not fall victim to the
various cyber-scams circulating on the Net. Today, all VAULT400 customers get
access to KnowBe4's ransomware awareness training for 25 to 50 users as part of
the base subscription.
Read full article in IT Jungle.
Sign up for a Free Phishing SecurityTest at ucgrp.com/KB4
Related blog post: UCG Partners with Leading Cyber Security Firm KnowBe4
Related blog post: UCG Partners with Leading Cyber Security Firm KnowBe4
Listen to
webinar replay: 2015 State of
IBM POWER8 Backup, Disaster Recovery & Cyber Security Webinar, from UCG and
IBM Systems Magazine.
Download PDF: Why Security
Awareness Training? Ransomware. That's Why.
Download PDF: Which email
addresses are exposed on the internet and are a target for phishing attacks?
Download PDF: Find Out What Percentage of Your Employees is Phish-prone
Download PDF: Social Engineering Red Flags.
No comments:
Post a Comment