This time of year, causes me to think about cyber lessons learned, malware related questions from customers and colleagues and all the ghoulish activities we have witnessed in 2017. We have seen obvious phishing mails that are clearly spoofed email addresses or URL’s and have provocative messages to drive users to click. These provoke the users to click the message, open an attachment or a click infected URL that cause the execution of the malware. Another common way to be become infected is through compromised websites that can trigger the installation of an unintentional program download. These are “Tricks” used to cause a user to change their normal behaviors. As we have more and more awareness of Phishing and Ransomware, our ability to be “Tricked” has been reduced, but not eliminated.
Ransomware has now become synonymous with Phishing. The two attack types are merged together into an imbedded encryption attack. The statistics are showing that over 90% of all Phishing attacks now contain Ransomware encryption. The technique of the Phishing mails is changing in the business world to draw employees in and cause the attack to be successful. The emails that are now seen include a personalized message with a correct salutation that includes subjects of interest by job category. These are effective attacks and are gaining popularity. Sophistication of social engineering is improving in these types of attacks.
Ransomware is also getting in to business systems through the vulnerability of operating systems and software. Targeted attacks are being delivered on outdated security software or system software. These types of attacks are broad and successful as we have seen over the past few months. The Malware enters the organization via targeted attacks of known vulnerabilities and they migrate through systems to infect the entire network and its connected devices.
Ransomware works in a very orchestrated manner. Once the ransomware program has been executed it starts communicating with its host to acquire an encryption key. This happens very quickly. Once the program has its key it encrypts the data on a system. The data is then unusable. Encrypted data can “typically” be recovered using the decryption key, but there are no guarantees given the source of the attack. Once the decryption key is delivered back to the program, the process can then be reversed.
The best preparation and organization can take follow many common practices. From updated end-point protection products, to stringent data back-up procedures to patching and updating of software. These along with a cybersecurity process of Identify, Protect, Detect, Respond and Recover are extremely valuable for any business. Phishing/Ransomware Employee education and training continues to be a highly valuable process to do on a continual basis.
In addition to developing a Cybersecurity process and following a standardized framework, vulnerability scanning and monitoring network behavior are must have proactive countermeasures.
Lastly, nothing is guaranteed to keep your business safe, but, reducing your attack surface area will be worth the investment. The ability to know in real-time if an attack is in process and the knowledge to remediate or immediately take the suspect system off-line, can save you significant time, energy and money.
Cytellix® Cyber Watch Platform (C-CWP™)
C-CWP™ provides value by baselining the truth about the true cyber posture of our customers. We then move towards a cybersecurity mesh architecture of integrated continuous improvement that aligns with business objectives. C-CWP™ is an interoperable and open platform designed for change in posture and threat landscape. C-CWP™ is delivered as a complete “turnkey” outsourced service or in combination with internal teams and previously purchased security capabilities
Cytellix® Endpoint Detection Response (C-EDR™)
Cytellix® Endpoint Detection & Response (C-EDR™) is a flexible solution that can be used standalone, enables bring-your-own-license or can be provided turnkey as a complete managed solution with our C-GRC™, C-MDR™, XDR, SOC 24x7x365 managed Turnkey Solutions. The Cytellix turnkey C-EDR™ is a Enterprise grade solution that is complete and has full integration with the Cytellix platform.
Cytellix® Governance Risk & Compliance (C-GRC™) & IT Risk Management (IRM)
Risk Management requirements are evolving to align to the changes arising from compliance risk shifting towards regulatory impact on business process. The demand on organizations to understand their cybersecurity posture, report status and meet regulatory obligations is driving demand across the enterprise (small>large) for a non-technical, turnkey all-inclusive platform.
Cytellix® Managed Detection Response (C-MDR™)
Patented technology compiles information from the vulnerability's, governance, risk, compliance assessments, event data, and analytics. Delivers real-time analysis, including continuous improvement visualization and scorecard.
Extended Detection Response (C-XDR™)
The Cytellix® Extended Detection Response (C-XDR™) solution leverages our flagship Cytellix Cyber Watch Portal (C-CWP™) as turnkey compliance, awareness and response platform. Our C-XDR™ includes, vulnerability management, devices profiling, network segmentation, asset discover, threat intelligence, leak detection, EDR, pre-defined use cases for log ingestion and correlation of threats and our USA based 24x7x365 Security Operations Center (SOC). The Cytellix platform leverages our in-house AI/ML models for real-time telemetry, threat discovery/hunting and ticket reduction. This is a complete turn-key, affordable XDR solution.
Cybersecurity for Small and Medium Business
Cytellix® has designed its platform to enable the small and medium business to adopt quickly, with low friction at an affordable price. We have found that the tasks of both regulatory compliance with cybersecurity frameworks and building a high quality cybersecurity monitoring and infrastructure is a significant time, resource and expense issue for SMB's.
We will get btackts to you as soon as posTsible.
Oops, there was an error sending your message.
Please try again later.
The Cytellix® team of experts have been delivering cybersecurity for the past 15-years to some of the largest networks in the world. This expertise is delivered to our SMB customers as an affordable, precise, and comprehensive solution designed for organizations who need to comply with Cybersecurity regulatory requirements. There is no other fully integrated GRC, MDR, XDR, EDR single pane of glass solution that is as rich in capabilities, as easy to use and available in production today.
Cytellix® - Patent Pending. All Rights are Reserved By Cytellix®