Mar 29, 2022
As cybercriminals continue to evolve, their attacks have become more sophisticated. Now more than ever endpoint targeting has become more prevalent. Endpoints include not only desktops and servers, but laptops, tablets, smartphones and even smartwatches. For some IT departments, endpoint management can be in the thousands which makes this a prime target for infiltration. Even more critical is the fact that traditional antivirus software is no longer enough to mitigate your cyber risk – enter Endpoint Detection & Response (EDR) solutions.
What is EDR?
Endpoint Detection & Response (EDR) is a security solution leveraging real-time continuous monitoring and collection of an organization’s endpoint data to detect suspicious system behavior.
What are the benefits of EDR?
Research suggests the average time between a breach and actual detection is over 200 days! EDR solutions help eliminate human response delays through its continuous monitoring which allows for remediation through predictive analysis and advanced threat protection. Once it detects an issue, it automatically takes action to quarantine and remove the threat all while alerting appropriate human administrators to prevent a potentially devastating and costly cyber incident.
- Enhanced visibility into your endpoints and allows for faster response time
- Post-breach detection, remediation, and response
- Machine learning and built-in analytics tools used to identify new and emerging threats
- Prevention of costly intrusion – an IBM study found those organizations that contain a breach in under 30 days save more the $1million.
How can WVCT Help?
WVCT’s Managed Services through DMC Technology Group includes advanced Endpoint Detection & Response (EDR) software that provides you the peace of mind in knowing your greatest assets are being monitored 24×7 against the latest cyber threat. Proactively allowing you to minimize lost data and valuable production time.
For more information, check out our managed services solutions here.
Categories: Risk Services
The Price of Falling Victim to Ransomware: Colonial Pipeline Forced to Pay $5 million ransom – could you be next?
May 17, 2021
By now, most of you have felt the impact of the recent ransomware attack on The Colonial Pipeline causing skyrocketing gas prices and even leaving some gas stations with shortages. Colonial Pipeline paid a pretty penny to resume operations by forfeiting $5 million to a well-known hacker group called Darkside. This is yet another example of a high-profile cyberattack.
Companies of all sizes are at risk of falling victim to cybercriminals. In late April of this year, Apple disclosed a third-party service provider had been attacked and cybercriminals were demanding $50 million in return for controls. The hackers behind the Colonial Pipeline have already attacked 3 additional companies only after collecting on the Colonial Pipelines ransom. The 3 companies were smaller in size and spread across the world – 1 in the United States, 1 in Brazil and, 1 in Scotland.
While Colonial Pipeline and Apple both experienced ransom attacks (cybercriminals deploy malicious software encrypting files on a computer system and then demand a ransom to be paid to restore the data), they were two completely different types of which exposures cybercriminals are now leveraging to ensure their payout:
- Critical Infrastructure – Colonial Pipeline carries nearly half of the fuel supply on the East Coast meaning holding such a critical company at ransom to resume operations is a ruthless approach to ensuring a ransom will be paid. Cybercriminals are now turning their attention to critical infrastructure as prime targets.
- Third-Party Targeting – Apple was not held at ransom within their own network, but at a third-party supplier of proprietary parts. Due to weaknesses within the third-party suppliers’ network, hackers used the vulnerability to their advantage. Knowing the third-party provider would not have the capital to pay combined with the proprietary data at stake, hackers knew Apple would forfeit the ransom.
It is imperative companies of all sizes assess their networks for weakness. A cybercriminal does not care if your business cannot survive after paying a ransom. They are looking for a quick payout. Many companies rely on third-party IT security professionals to help fill skills gaps to mitigate risks. There is no better time to ensure your company, big or small, has the right measures in place to keep your capital safe and secure.
How we can help
WVCT is here to help you assess your IT risks and support your overall security plan. To schedule a meeting today, connect with our Risk Services Practice Leader below.
Connect With Us.
Tiffany Pollard, CISA
wvco.com | 419.891.1040
Categories: Risk Services