Worried about your data? so are we

IT Security

Maximizing your IT Security Investment

Many business owners don’t know how much they should be budgeting towards IT security. The answer to that is simple: how much does your business stand to lose from downtime? The average amount of time to recover from a ransomware attack (with good backups) is approximately three hours per computer user. Think about the lost productivity of your computer-based employees and systems run by computers and calculate how much money that would cost your business. The basics of cybersecurity for your business can be covered for a fraction of this cost. IT security isn’t always about having impenetrable systems. It’s about being more difficult to compromise and making you business an unattractive target. Hackers are often looking for an easy target and even basic security systems can thwart the majority of penetration attempts. 

Best in class Security solutions, optimally priced​

Ransomware

In the information age, data security is of utmost importance, especially in business. It is too often that we see even the largest of businesses (and even IT providers, in some cases) infected with ransomware or similar malware that corrupts their data. At Resolved IT we have selected all our solutions to combat this dangerous new type of malware, and earned a significant amount of business from companies who were affected by ransomware by helping them recover and implement preventative measures for the future.

What is Ransomware?

Ransomware is a type of software designed to encrypt your data (essentially scrambling the data, making it unusable) with a private key (password) so that the only way your data can be unlocked is by transferring the hacker crypto currency. This results in total stoppage of all computer systems for the affected business, loss of critical data, and usually a significant financial impact.

 

How is Ransomware distributed?

Ransomware is most commonly distributed through e-mail phishing attacks. Phishing is when a malicious person sends a genuine-looking but ultimately fake e-mail to employees at a business in an attempt to get them to download a file, enter their password, or otherwise gain access to an employee’s computer. Once a computer on a network has been compromised it is very easy for the virus to spread across the network to other employees’ computers and the company’s server. Once the malware has propagated to all the devices on the network, the malicious software begins encrypting all devices available to it. Often, victims of ransomware will start the recovery process, and then ransomware will re-propagate. This is called a ‘time bomb’ and is a feature of many ransomwares. The attacker will continue to re-encrypt all data on the network until either the ransom is paid or the network is secured by an IT Security Professional.

My business was hit with Ransomware, what now?

At Resolved IT, much of our business comes from companies that were affected by this type of attack. We’ve helped dozens of businesses recover from these attacks, especially recently, and have become very familiar with the nuances of several different types of ransomware and how to recover from them. Some have decryption keys available online, some have workarounds and flaws, and some haven’t been decrypted yet. If a ransomware has not been decrypted yet, this means that the data will remain encrypted until the ransom has been paid or it is eventually decrypted by IT Security Professionals. The absolute best way to prevent damage from ransomware attacks is to retain several backups at multiple physical locations with unique passwords. Typically, most businesses already have a backup solution however in our experience is not uncommon for backups to also be encrypted by the attack. Here’s the Resolved IT Ransomware Recovery roadmap:

  1. Patch the leak. It is essential that, before any data is attempted to be recovered or work is conducted on the network, the entrance point of the malware is identified. If work proceeds or data is recovered, the network will be re-infected at some point sooner or later. There are typically ‘time bombs’ built into ransomware that automatically re-infect the network after a certain amount of time. Any work done before the leak is patched will likely be destroyed.
  2. Identify your options and the affected devices. Check if your backups are still safe, identify all affected machines and take inventory. We need to understand the total scope of the attack before we can procure a recovery plan.
  3. Create a plan. Now that we know the scope of the issue, we can develop a plan to recover. Restoring data from backups, wiping machines that were affected to factory settings and re-installing business software, and finding a way to prevent it from happening ever again.
  4. Begin Recovery. Using all available resources we will get you running as quickly as possible, starting with mission-critical files and working our way down the list.
  5. Train & Inform the users. If your users do not understand why or how the attack happened, you are vulnerable to further attacks. If you choose to pay the ransom, you will forever be a target and all sorts of attacks will be thrown your way in the future. A network is only as secure as its least-informed user. It only takes one person to click a bad link or download a bad file. Users can be trained to identify these attacks.
  6. Implement preventative measures. Once we identify how the attacker breached the network, we can work to prevent it from ever even reaching the recipient of a phishing e-mail or bad file. E-mail attack filters, anti-malware software, anti-encryption software, IT Security policies and procedures, least-required-permissions management, and user training are some of the methods we employ at Resolved IT.
  7. Continuous monitoring and auditing. Once you’ve recovered, you need to stay on top of it. 24/7 network & device monitoring will make sure we’re never leaving vulnerabilities open to the world-wide-web, and auditing will ensure we’re always using the latest standards. The cost of monitoring and regular security auditing is nothing compared to the cost of business downtime.
 

Proudly Serving Local

MSP based in Vancouver BC serving clients in dozens of industries in the lower-mainland

Abbotsford

Burnaby

Coquitlam

Langley

Maple Ridge

New Westminster

Pitt Meadows

Port Moody

Richmond

Surrey

Vancouver

Delta

Ready to work with an IT Company that always has your best interest in mind?