What is the risk?
There were over 600 million ransomware attacks in 2021, a 150% increase on 2020’s total attacks. 66% of organizations were hit by ransomware in the last year, up from 37% in 2020 and experts believe this is only going to increase further in the second half of 2022 due to the war in Ukraine. The successes of cyber criminals is due to increased funding and consequently the variety and sophistication of techniques that are being deployed today in order to gain access to a target environment. Phishing attempts have soared by 600%, insiders are being bribed millions of dollars to initiate attacks internally, Log4j saw the rise of a huge vulnerability in most software vendors globally, USB cables are being rolled out that have ransomware inside and new and powerful variants are just a few examples of an ever-growing threat landscape with new encryption strains able to encrypt files at up to 25,000 per minute.
In the UK, across 2021-2022, 81.4% of organizations had experienced at least one cyber attack in the year prior to the study, compared to 71.1 percent in the previous annual findings. CyberEdge also investigated the rate at which companies were hit with ransomware attacks. Well over half (73 percent) of UK organizations dealt with a ransomware attack, a 15 percent rise on the previous year. While only a small portion of companies paid the ransom, ransomware attacks can still be very expensive to fix.
Businesses need to raise their game when it comes to Ransomware awareness, protection and training…
Who are Bullwall and what is RansomCare?
BullWall, who were born out of the Danish equivalent of GCHQ have an incredibly unique solution that it’s main purpose is to combat ransomware. The best part is, due to this uniqueness, it’s entirely complimentary to all your existing cyber security solutions (Antivirus, Microsoft security etc..). Avoira have teamed up with Bullwall to bring the solution to local businesses to project their data, systems and teams.
The solution from BullWall is called RansomCare, it sits as the ‘Last Line of Defence’ within your business, should your existing perimeter or endpoint-based solutions fail to pick-up a new or existing ransomware variant.
RansomCare is agentless, so it’s quick and easy to deploy and it monitors existing network traffic so there are no network overhead or performance issues because of deploying the tool.
How does the assessment work and how can it help?
The Ransomware Assessment is an online and remote 1-2 hour session that requires half hour of preparation in advance by your IT team/partner. The assessment will help you understand your resilience to an outbreak of malicious encryption and file corruption on your file shares, typically caused by a ransomware attack. A simple list of pre-requisites will be shared that should be completed before the session. The Ransomware Assessment Test is an entirely remote process, typically via Microsoft Teams.
On the agreed date, an Avoira Engineer and 1-2 of your operational or technical resources will spend approximately 1 hour completing the technical configuration before the assessment. After the configuration, the approximately 45-minute assessment will begin. You can share the invite with a broader group of attendees and interested stakeholders.
The assessment part of the call involves running a total of 8 simulated encryption tests, targeted within the test file share that has been provided. The 8 tests are split into two sections. The first 4 tests are activated with RansomCare disabled, this means we switch the solution into monitoring mode and therefore RansomCare won’t take any action against the encryption detected, the purpose of these first 4 tests is to understand if any existing security tools within the environment (AV, EDR, Endpoint Security) can detect the encryption taking place and perform any actions to stop it.
Once completed, we run the same 4 tests again, but we enable RansomCare and activate the Kill Switch, so RansomCare will then respond upon detecting the encryption and take the necessary actions to stop the encryption in it’s tracks. This two-sided assessment provides a great understanding of your current ransomware protection features, as well as seeing RansomCare live in action, within your own environment.
Want to find out more?