Security Layers: Ransomware Canaries
This is an on-going series describing the layers of security that Clear Guidance Partners deploys to our clients and why it is important. One of our core strategies is that security is best served by many layers. Minimize risks, protect from attacks, and identify problems.
Ransomware Canaries
What is ransomware?
Ransomware is one of the biggest threats in IT today. In case you are not familiar, ransomware infiltrates your network, encrypts your files, and does not release them until you pay a ransom (typically in bitcoin) to the hackers. As part of the IT industry fighting back, many times IT departments would simply use their backups to recover the data and ignore the hackers. Always one step ahead, the hackers then started copying the data to their own servers, and will release it to the internet / dark web if the ransom is not paid. Imagine your HR files, client data and more exposed to every hacker and the public. This is a serious threat.
What do we need a canary for?
Ransomware attacks can often be halted in their tracks if the IT security team moves quickly enough. Traditionally IT gets alerted about attacks when they start getting panicked calls from all their users. Even worse, if an individual computer gets infected, a user may not notice for days or even weeks. CGP has deployed a new tool that plants ransomware canary files (fake, monitored files that our tools watch for malicious activity) on every computer and server. In the event it detects ransomware, our team is alerted and can respond in minutes rather than days or hours.
Why is CGP deploying this for all their existing clients (at no cost)?
The cornerstone of our business is a security first approach to IT. We have deployed multiple new technologies over the past several months to our clients at no additional cost, such as AI powered anti-phishing technology. We are continually evaluating new tools to protect our networks and our clients, and when we find something that can make a substantial impact, we often times will integrate it into our existing service.
Talk to one of our CIOs about how we can protect your business today.