Ransomware Protection

Ransomware is a cyber threat that doesn't discriminate. Regardless of business size and whether your organisation is in healthcare, government, finance, manufacturing, or retail - you're vulnerable to ransomware.

Traditional cybersecurity services such as penetration testing aren't looking for vulnerabilities to ransomware, and there isn't a "one size fits all", or "install this software" fix. This specialised service helps organisations to understand where and how they're at risk, what controls, remediations, and mitigations need to be in place, and most importantly provides your team with an education-based approach as to why the recommended measures need to be implemented.

Find The Weak Points

This service begins with an analysis and assessment of your environment against the mechanisms through which ransomware gets in, as well as the damage it could possibly do once it's active. We work with you and your specific systems to determine what measures need to be in place to prevent ransomware attacks, as well as recovery and response plans.

Depending on your level of risk based on industry factors, as well as a desired level of control implementation, this service offers multiple levels of control testing depth, simulated phishing, and optional incident response exercises.

Ransomware vulnerabilities are like the swiss cheese of information security. Resiliency requires understanding what needs to be in place, and where. It provides an answer to the question "Can your organisation effectively stop ransomware?"

Become Resilient

The outcome of the ransomware protection service shows you how susceptible your organisation is to an attack, what controls are or are not in place, and compares what's needed to prevent an attack with what your organisation has already. The end goal is resilience against ransomware, increased ability to recover from cyber intrusions, and an increased level of cybersecurity maturity.

Phoenix will provide a recommended remediation and mitigation pathway to specifically protect against ransomware depending on the depth of detail required for your organistion, as determined by your goals and risk level.. These recommendations can either be implemented by your internal IT team, or the security engineers at Security Centric can provide that service too.

Ransomware FAQs

While the overall goal of the ransomware protection service is increased resilience against ransomware and an increased ability to recover in the case of an attack, the combination of technical control analysis, simulated phishing exercises and additional optional inclusions means that your organisation gains significantly more from this service

What is ransomware?

Ransomware is a form of malware - malicious software - which once activated encrypts the victim's system. It can affect a single PC, or an entire network, depending upon how securely configured your infrastructure is.

Once the ransomware has a hold of your infrastructure, if there is no redundancy in place for this there are few options left to you as to recovery of your system. Options include paying the ransom, or hoping there is a decryption key freely available.

No one is safe from a ransomware attack, but having any weak spots in your infrastructure and processes identified and remediated or mitigated, as well as having a response and recovery plan can help minimise the disruption and cost to your business.

In a move that is becoming more frequent, organisations affected by a ransomware attack then become vulnerable to secondary requests for ransoms as malicious actors then threaten to sell or reveal sensitive financial and customer data.

What is the cost of a ransomware attack?

Ransoms demanded by malicious actors post attack can vary greatly. You've probably heard that numbers can run into the millions, with attacks like the one on Garmin and Lion being key examples of this.

The cost of business downtime to recover, decrypt, and the combined cost of loss of trade is nearly 50 times greater than the ransom cost. The average business downtime cost in Asia Pacific in 2020 was $257,000 (USD).

What types of organisations are most at risk of ransomware attacks?

Ransomware doesn't discriminate and attacks aren't specific to a particular industry. Everyone is at risk of a ransomware attack, and it's a common saying cyber security circles that "it's not a case of if, it's a case of when". Hospitals and Health Care, Retail, Fast Moving Consumer Goods, Schools, Software Companies, Government Organisations, Manufacturing, Logistics are just few of the industries

Can't I just install some antivirus and a firewall?

We wish it was that easy. While an antivirus and a firewall are a great start to protecting against any malicious cyber attacks, there are multiple ways that ransomware can get into and get a hold of your system.

Specifically for ransomware attacks too is the question of "Once it's there, how much damage can it do?". So the multiple pronged approach to security comes to play in a "prevention plus response and resiliency".

Information security touches everything from having the antivirus and firewall, through to proper configuration of that, to awareness, training, and policy, to securing infrastructure and web-facing applications. We refer to this as an "attack surface", and what needs to be done to secure your environment is specific and to you.

The great news is that here at Phoenix our goal is to simplify the understanding and fixing of this as much as possible. We don't just want to tell you what you need to do, we want you to understand why it's important and how it's going to help keep your organisation secure.

Recent ransomware attack examples

November 2020: Legal services firm Law in Order was hit by what's becoming commonly known as a "double ransom", where the data stolen during the initial attack is then used to threaten the organisation for additional payments.
Type: Netwalker Ransomware | Ransom Cost: Unknown

October 2020: Barnes & Noble booksellers were targeted by ransomware which compromised customer names, billing and shipping addresses, emails, and telephone numbers. It also affected their online and in-store operations including their ability to process payments.
Type: Egregor Ransomware | Ransom Cost: Unknown

September 2020: Tyler Technologies, the largest software company in North America dealing with the public sector, paid a ransom for a decryption key to recover their files.
Type: RansomExx | Ransom Cost: Unknown

August 2020: Garmin electronics - best known for their GPS and fitness tracking devices, but whose technology is also used in aviation - reportedly paid $10m to ransomware hackers. By many accounts the majority of their systems were rendered useless.
Type: WastedLocker | Ransom Cost: $10m

June 2020: Lion Australia, the beverage giant, was hit by multiple cyber attacks that included ransomware, after which the hackers threatened to publish or auction company data on the darkweb.
Type: REvil | Ransom Cost: $1.16m

We Are Here To Provide You Best

We know cyber security can be confusing, but it doesn't have to be. If you've got questions about your cloud security needs, from basic to advanced, our team of business and technical experts are happy to help.