With the goal of improving ransomware protection, Evolve IP, Nimble Storage, ID Agent and Veeam Software recently conducted a HIMSS-hosted webinar entitled Dark Web and Ransomware Realities: Stopping Attackers Cold with Hybrid Cloud Solutions. This presentation focused on the incredibly poignant topic of ransomware protection and prevention. Specifically it looked at one of the critical vulnerabilities that leads to ransomware: personal email accounts. Email is a common threat vector exploited by cybercriminals because it is an open door for them to walk through once employees fall victim to fishing or spearfishing tactics.
Panelist Kevin Lancaster, CEO of Dark Web analytics firm ID Agent, explained one of the newly visible examples of how “real” this risk is for businesses. The example comes from a recent study of compromised email credentials conducted by Evolve IP and ID Agent conducted over the last 9 months. The findings have been jaw dropping in terms of their impact on ransomware protection and awareness. 68% of all healthcare firms in the study had one or more compromised email credentials. Most of these companies had multiple compromised credentials with several companies having hundreds of them. After sharing this key point, the remainder of the webinar content was focused on strategies to mitigate the risk of ransomware attacks by creating a sound business continuity strategy with a focus on full and rapid disaster recovery.
To illustrate the prevalence of the compromised credential issue, attendees of the webinar were offered the opportunity to receive a free and confidential Dark Web analysis. As was done in the study, the analysis quantifies the number of email credentials that may have be compromised. This provides an excellent way to quickly understand the scope of the issue and gain valuable insight that I can help refine and improve ransomware protection and business continuity efforts.
The key driver of the volume of compromised credentials is the number of employees that an organization has. While small companies certainly have several of these visible vulnerabilities, larger companies – by simple mathematical probability – will have significantly more threats of this nature. These credential vulnerabilities lead directly to the types of social engineering spearfishing and other algorithmic email manipulation that cyber criminals use to outwit or eventually outlast employees through a barrage of email-borne attacks. The statistics for 2017 are on the rise to even higher levels, as the volume of compromised data on the Dark Web continues to rise. This rise is driven by the success of data breaches and cyberattacks from the recent past.
After Lancaster explained the results and statistics from the vulnerability studies Scott Kinka of Evolve IP explained how this data has direct implications on the need for ransomware protection that’s rooted in disaster preparation and data recoverability. He also walked attendees through recent ransomware recovery case studies where cloud-based disaster recovery as a service (DRaaS), delivered in partnership with Evolve IP, Nimble Storage and Veeam Software, provided healthcare firms with world-class data protection and recoverability.
The situations included would-be ransomware attacks that were shut down and rendered ineffective because of a robust cloud backup and DRaaS strategy. Kinka explained that at the core of these solutions is Evolve IP’s Compliance Cloud™, our HIPAA-compliant, HITRUST-audited cloud infrastructure. The state-of-the-art technologies that underlie Evolve IP’s virtual private cloud and hybrid-cloud solutions were further explained by Virju Patel of Nimble Storage and Rick Vanover from Veeam.
In short, attendees learned strategies for providing the ultimate combination of on-premises and off-premises ransomware protection and availability.
For more info about Evolve IP and our Prem Extend™ suite of disaster recovery and business continuity solutions, please contact us today.
Evolve IP has recently been recognized as a Visionary in Gartner’s 2017 Disaster Recovery as a Service Magic Quadrant. For more information, read the press release here.
Ransomware 101: What is ransomware?Categories: Business Continuity & Disaster Recovery Healthcare