
Urgent Need for Disaster Plans – New Ransomware Threats

January 5, 2017 by Jinx Davis

Christmas and New Year were devastating for several of our business clients and Andy Pizer and the staff spent the holidays working. Due to these events we beg, plead and urge you to understand the destruction that cybercrime and disaster may bring to your company and/or your personal data at home.  You must have a clear disaster plan in place to mitigate these very real dangers.

One of these Christmas events involved a business client that was infiltrated with a new strain of ransomware. The new strain entered the server without human interaction to invite it in and ran through the entire network, and regretfully, the backup system as well.  This client was new to our services and did not have a disaster recovery plan in place.

Two days earlier, a Texas business client was hit with ransomware.  It did not destroy them.  They had fully incorporated a disaster plan designed by the Millennium Group and they faithfully followed it.  Instead of losing all their data, we had them up and running within 2 hours of their call to our office.

On New Year’s day, another new strain of ransomware hit two other business clients, again creating stress, expense, and loss of data. They did not have disaster plans in place.

Millennium Group has repeatedly warned about ransomware. Ransomware is the term for remote computer hijacking in which files are encrypted until a ransom is paid. The FBI estimates ransomware is on pace to be well over a $1 billion source of income for cybercriminals this year.

All ransomware variants pose a threat to individual users and businesses. Recent variants have targeted and compromised vulnerable business servers to identify and target hosts, thereby multiplying the number of potentially infected servers and devices on a network. Actors engaging in this targeting strategy are also charging ransoms based on the number of hosts (or servers) infected. Additionally, recent victims who have been infected with these types of ransomware variants have not been provided the decryption keys for all their files after paying the ransom, and some have been extorted for even more money after payment. Ransomware is hitting all levels of government agencies, hospitals, businesses, home users and almost everything in between.

Variations of ransomware appear constantly and are growing in sophistication. They can enter your system through phishing emails, advertisements, videos, operating system vulnerabilities, or drive-by downloads (which do not require user initiation) from a compromised Web site. You no longer have to click on a malicious link to have this malware installed on your servers and computers.

A disaster recovery plan (DRP) is a process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. The disaster could be natural, environmental or man-made. Man-made disasters could be intentional, such as an act of a terrorist or cybercrime, or unintentional and accidental.

Disaster plans include:  (1) preventive measures, (2) detective measures, and (3) corrective measures.

Preventive measures will try to prevent a disaster from occurring and reduce risks.  These measures should include redundant data backup, 3 hard drive rotations, off-site backup, and routine inspection.

Detective measures are taken to discover the presence of any unwanted events. These measures include installing fire alarms, using quality antivirus software (such as Cylance), and using server and network monitoring software to ensure operating systems are healthy and updated (Managed IT).

Corrective measures aim to restore a system after a disaster occurs. Millennium Group takes its role as a custodian of your business technologies seriously. Our clients who have allowed us to incorporate protective procedures have successfully survived disaster events – and we respond instantly to any dangers they face.

Disasters will happen – it’s only a matter of ‘when’. If you are not working with us to provide adequate protection in the event of a major disruption, we cannot protect your business. Our procedures could save you thousands of dollars in losses or even business closure.  For the small business, any extended loss of productivity can lead to reduced cash flow through late invoicing, lost orders, increased labor costs as staff work extra hours to recover from the downtime, missed delivery dates, etc. If major business disruptions are not anticipated and addressed today, it’s likely that these negative consequences can have long-term implications that affect a company for years.

Our website (www.milpond.com) and its blog outline both our experiences and our services so that you do not end up losing your business.

It is painful to witness what happened to our client this Christmas.  As a result of this tragedy, we are pleading with our clients who do not have a disaster plan and redundant data back-up to call us immediately at 970-663-1200 or email us at admin@milpond.com.

We will schedule a time to work with you on what can be done rapidly to ensure that you are protected.  If you are already working with us to address these issues and protect your business – you have our kudos.  If you have passed on our previous warnings, we beg you to receive this as a wake-up call.

Please.  Please.  Call us now. 970-663-1200.