11:11 Systems of Cloud Market Intelligence Brian Knudtson is joined by guests Steve Broeder, Allan Liska, and Christian Mohn for a conversation about malware. Are cyber-criminals still lurking around each corner ready to infect your endpoints with ransomware, or are there new actors in the threat landscape? Should corporate IT still be in charge of security? We also discuss the importance of constant vigilance and DR plans.
[03:08] When it comes to protecting data, malware is definitely on the most wanted list. It takes many different forms with ever changing tactics to work its way into our systems and cause havoc all over the place. Generally speaking, it starts by finding an opening in our defenses, then spreads once it gets in. Steve, how does malware tend to enter into a corporate infrastructure and how can it be stopped before even getting into the systems?
[11:51] So we touched on this a little bit, but maybe you can go a little bit more in depth into how we can track these things, how we can get that detection and alert as quickly as possible, and beyond just the network segmentation, how we can stop it from happening?
[24:15] Ransomware is is number one on the list for sure. But there are still other forms of malware. I mean, and those of us that have been around for more than five or ten years know about viruses and worms and other things that are out there. So, are viruses still a thing or have they evolved to something else? And what other forms of malware exist out there that people should be worried about?
[03:45] “I think the first three things to really look at are software exploits, network weaknesses, and user actions.” — Steven Broeder
[04:37] “First of all, from the outside, criminals can’t hack what they can’t get to. So you’ve got to make sure your front doors to the Internet are locked and tightly controlled with a good bouncer that only lets the proper party guest in it.” — Steve Broeder
[14:17] “I think that’s one of the biggest things we can do, is it professionals these days. It’s just making sure we have some ear on the news so that when we hear about these exploits in these parts leads and stuff, that we can take action right away.” — Steve Broeder
[16:21] “Many times once ransomware specifically gets into a system, then it might be there for quite a while before it does anything… That’s also a problem with getting back to a normal state because you don’t know how long this thing has been moving around in your network. So how far back on your backups do you go? You might infect yourself again by restoring to the wrong time. So it’s a messy world.” — Christian Mohn
[17:14] “When you walk into a ransomware attack, generally it’s the worst day of your life as a security person. And there’s going to be pandemonium around you with everybody wanting to know, when is my system coming up? When is this going to get done? When are we going to get back? It’s the end of the quarter. We’re going to miss our sales target and so on and so forth. And if you don’t have that plan, it makes it so much harder to start and complete the restoration process in a proper format.” — Allan Liska
[19:51] “If [the recovery plan] lays it out in a rational way and explains what the cost is going to be to the company in a way that leadership can understand without too much technical jargon, it really goes a long way to emphasizing the importance of heightened security measures.” — Allan Liska
[23:04] “There are Trojans. You download something and it’s not whatever you thought it was. Spyware is still a problem. I mean, our personal data is very interesting for a lot of people with ill intent. Right. So. Spyware with keyloggers get ahold of your banking information or whatever. Same with adware as well. We see the the influx of these Bitcoin miners that spread around as well.” — Christian Mohn
[25:36] “The other thing that’s also out there and it’s not a virus, it may be bigger than ransomware, at least the FBI thinks it is… Business email compromise. No virus deployed, but tens of thousands or hundreds of thousands of dollars lost.” — Allan Liska
Oceanscan navigates ransomware scare with 11:11 Systems.
After a ransomware attack, Oceanscan realized they needed a better ability to recover and restore access to their data. Learn how they were able to partner with 11:11 Systems to provide:
- A seamless failover from 11:11 DRaas to IaaS
- Continuous data availability and business uptime
- World-class support
- Platform control and flexibility
- Innovative and comprehensive service in line with company objectives