Search
Close this search box.
Categories
Data Protection

Ransomware Clusters: Protect Yourself and Prevent Attacks

Ransomware groups continue to take advantage of vulnerabilities to infect and extort their victims. It is important that individuals and businesses are aware of these vulnerabilities and take the necessary precautions to protect themselves from infection.

By knowing what to look for, we can help minimize the chances of falling victim to cybercriminals, ransomware attacks, and all their effects.

In this article, we will discuss how to protect yourself against ransomware group attacks, the dangers of not being prepared, and what to do to protect yourself.

Groups specializing in malware distribution

Ransomware groups are organized criminal gangs that specialize in distributing different types of malware

They often take advantage of old vulnerabilities to infect their victims. This is because many people and companies do not keep their software up to date, leaving it vulnerable to attack.

According to the analysis of ransomware attacks recorded between January and March 2022 by cybersecurity researchers at Digital ShadowsLock Bit 2.0 and Conti were the two most active ransomware gangs during the three-month reporting period, accounting for 58% of all incidents.

Ransomware gangs usually infect a computer using social engineering techniques, such as sending malicious e-mails that contain infected attachments or links.

Once a victim opens the attachment or clicks on the link, the ransomware runs and encrypts the computer’s data. After encrypting the data, the gangs usually demand a ransom in virtual currency to decrypt it.

In addition, ransomware gangs can also infect a computer using exploits and unknown vulnerabilities, also known as Zero-Day attacks.

This is done by exploiting a flaw in the computer’s software that has not yet been fixed by the manufacturer. By doing so, ransomware gangs can gain complete access to the organization’s computer and networks.

Once ransomware has access to a network, it can spread to other computers connected to the network and encrypt the data on all computers.

This makes it even more difficult for an organization to recover its data, as they need to pay ransoms for all infected computers.

Ransomware groups have made their operations professional

As ransomware groups are becoming more professional with their attacks, it is important that individuals and businesses take the necessary precautions to protect themselves. One way to do this is to know what to look for to identify a possible ransomware attack.

Some of the most common vulnerabilities that ransomware groups are exploiting include old exploits in established products such as operating systems and productivity tools.

By keeping them up to date, we can help mitigate the risk of being infected by ransomware.

As ransomware operations have become more complex, they require an increasing range of specialized skills to be executed successfully.

For example, some ransomware groups are recruiting IT professionals to help encrypt their victims’ systems and ensure that the attack is successful.

The groups are increasingly specializing in certain industries to ensure that the victims are willing to pay the ransom.

For example, some ransomware groups are focused on attacking hospitals because they know that these organizations cannot stop functioning and need their systems to operate.

This means it is crucial that companies identify the types of ransomware that are being targeted and take the necessary steps to protect themselves.

In addition, it is important that companies keep a backup of their data so that they can restore their systems if they are infected by ransomware.

Finally, it is also a good idea to educate yourself and others about the dangers of ransomware. By doing so, we can help decrease the chances of being a victim of an attack.

 

infographic about the data protection platform CipherTrust

 

How to protect yourself from ransomware groups

There are a few steps you can take to protect yourself from ransomware groups.

  • First of all, make sure that you have up-to-date security software installed on your computer and that it is running the latest patches;
  • The second step is to be aware of the types of ransomware that exist and the methods they use to infect their victims. This will help you identify an attack if it happens;
  • Third, make sure you have a backup of your data in case you get infected. This way you can restore your systems without having to pay the ransom.

Also, be very careful what files you download and open, especially if they are from unknown or untrusted sources.

If you suspect that you have been infected with ransomware, do not attempt to pay the ransom, as this only encourages the attackers and may not result in the release of your files.

Instead, contact a professional malware removal service or your local authorities for assistance.

By following these simple steps, you can help keep yourself protected against ransomware groups.

Your company’s cybersecurity with real-time data protection and secure encryption

O
CipherTrust
is the ideal solution against ransomware attacks. In a simple, comprehensive and effective way, the solution
CipherTrust
provides capabilities to secure and control access to databases, files, and containers – and can protect assets located in cloud, virtual, big data, and physical environments.

With CipherTrust, you can protect your company’s data and anonymize your sensitive assets, ensuring security for your company and avoiding future problems with data leakage.

Eval Professional Services has a team of specialized professionals with the best practices in the market

Benefit from our many years of experience and expertise in information security and compliance with LGPD (General Data Protection Law). We will be your partner for realizing digitization projects in compliance with security and data protection regulations.

We share our expertise across all business flows in healthcare organizations to help you minimize risk, maximize performance, and ensure the data protection your patients and partners expect.

About Eval

Eval has been developing projects in the financial, health, education, and industry segments for over 18 years. Since 2004, we have offered solutions for Authentication, Electronic and Digital Signature, and Data Protection. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With market recognized value, Eval’s solutions and services meet the highest regulatory standards for public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Categories
Data Protection

Anti-Ransomware: Only 48% of Enterprises are Ready

A new survey from Thales, one of the world’s leading advanced technology and Eval partner, reveals that malware, ransomware, and phishing continue to plague companies globally when it comes to data protection and privacy. And that few have an anti-Ransomware plan.

One in five businesses (21%) suffered a ransomware attack last year, with 43% of them experiencing a significant impact on operations. The severity, frequency and impact of ransomware attacks impact the life cycle of organizations.

O
2022 Thales Data Threat Report
conducted by 451 Research, including more than 2,700 IT decision-makers worldwide, found that less than half of respondents (48%) have implemented an anti-Ransomware plan.

In addition, a fifth (22%) of organizations admitted that they have paid or would pay a ransom for their data.

Even against this backdrop, 41% of respondents said they had no plans to change security spending, even with greater ransomware impacts.

Healthcare was the most prepared at 57% with an anti-Ransomware plan, and energy was the least at 44%, despite both sectors experiencing significant breaches in the last twelve months.

Anti-Ransomware Plans: The Cloud Has Increased Complexity and Risk of Attack

The accelerated move to the cloud is also causing more complexity and risk. According to the report, 34% of organizations are using more than 50 SaaS applications.

However, 51% of respondents said it was more complex to manage privacy and data protection requirements, such as LGPD (General Data Protection Act), in a cloud environment than on-premises networks, up from 46% last year.

Only 22% of respondents said they have more than 60% of their sensitive data encrypted in the cloud.

Threats and compliance challenges from ransomware attacks

Throughout 2021, security incidents remained high, with nearly one-third (29%) of companies experiencing a breach in the past 12 months. In addition, almost half (43%) of IT leaders admitted to having failed a compliance audit.

Globally, IT leaders ranked malware (56%), ransomware (53%), and phishing (40%) as the top source of security attacks.

Managing these risks is an ongoing challenge, with nearly half (45%) of IT leaders reporting an increase in the volume, severity, and/or scope of cyber attacks in the past 12 months. This makes anti-Ransomware initiatives more difficult.

Ransomware: Paying the High Price for the Attack

Cybersecurity Ventures expects global cybercrime costs to grow 15% annually over the next five years, reaching $10.5 trillion per year by 2025, up from $3 trillion in 2015.

This represents the largest economic wealth transfer in history, risks the incentives for innovation and investment.

The risk is exponentially greater than the damage caused by natural disasters in a year, and will be more profitable than the global trade in all the major illegal drugs combined.

The damage cost estimate is based on historical cybercrime figures, including recent year-over-year growth.

This means a dramatic increase in the activities of organized crime gangs and hostile nation-state sponsored cybercriminals and a cyber attack surface that will be an order of magnitude larger in 2025 than it is today.

The costs of cybercrime include:

  • Damage and data destruction;
  • Stolen money;
  • Loss of productivity;
  • Theft of intellectual property;
  • Theft of personal and financial information;
  • Peculato;
  • Miscellaneous fraud;
  • Post attack interruption;
  • Forensic investigation;
  • Restore and delete hacked data;
  • Reputational damage.

Anti-Ransomware and malware defense should be deep and cover separate approaches, including antivirus, phishing recognition, and data encryption.

In practice, the best protection against these attacks is preparedness, frequent cyber security crisis simulation exercises, and a strong awareness campaign for your users.

This is when investing in anti-Ransomware solutions makes the difference

Data protection platform CipherTrust

 

CipherTrust Data Security Platform implements the right anti-ransomware strategy

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing. Critical for companies looking for anti-Ransomware strategies.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

Regarding anti-Ransomware initiatives, the portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Portfolio of tools that ensures protection against cybercriminals

With data protection products from the CipherTrust Data Security Platform, your company can regarding anti-Ransomware investments:

Strengthen security and compliance

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Act (LGPD), and other compliance requirements.

Optimizes staff and resource efficiency in data protection and privacy

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About Eval

Eval has been developing projects in the financial, health, education, and industry segments for over 18 years. Since 2004, we have offered solutions for Authentication, Electronic and Digital Signature, and Data Protection. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With market recognized value, Eval’s solutions and services meet the highest regulatory standards for public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Categories
Data Protection

Ransomware Attack: Know Your Anatomy and Protect Yourself

The year 2021 was a total highlight for ransomware attack cases as it wreaked havoc on individuals and organizations around the world when it comes to Cybersecurity. It is a trend that will continue into 2022 and beyond.

While ransomware is not new to Cybersecurity, it is a threat that has received attention at the highest levels of government and business.

The threat has affected people’s ability to get medical care, put gas in their vehicles, and buy groceries, among other impacts.

The financial effects of a ransomware attack also became prominent during 2021. The impacts hit supply chains, causing more widespread damage than an attack against a single individual.

There has also been an increased response from government and technology vendors to help stem the tide of ransomware attacks.

Anatomy of a ransomware attack in 2021 and 2022

We haven’t even finished the first quarter of 2022 and ransomware attacks are already catching our attention. Companies such as Americanas, Submarino, Shoptime, Samsung, NVidia, and Mercado Livre have recorded Cybersecurity incidents that were probably triggered by ransomware attacks and phishing scams.

The anatomy of attacks that occurred throughout 2021, and will likely continue into 2022, indicates that cybercriminals have realized that certain techniques produce better results and are focusing on those approaches.

Let’s look at some of the main attack characteristics.

Supply Chain Attacks

Instead of attacking a single victim, the supply chain attacks have extended the blast radius. An excellent example of a ransomware attack in 2021 is the Kaseya attack, which affected at least 1,500 of its managed service provider customers.

Double Extortion

In the past, ransomware was about attackers encrypting information found on a system and demanding a ransom in exchange for a decryption key.

With double extortion, the attackers also export the data to a separate location. There, it can be used for other purposes, including leaking the information to a public website if payment is not received.

Ransomware as a Service (RaaS)

In Cybersecurity, gone are the days when every attacker needed to write their own ransomware code and perform a unique set of activities. RaaS is pay-per-use malware.

It allows attackers to use a platform that provides the code and operational infrastructure necessary to launch and maintain a ransomware campaign.

Attack unpatched systems

This was not a new trend for 2021, but it remains a problem year after year. Although there are ransomware attacks that use new zero-day vulnerabilities (
Zero Day
), most continue to abuse known vulnerabilities in unpatched systems.

Phishing Scams

Although ransomware attacks can infect organizations in different ways, in 2021, some form of phishing email was the primary cause.

How to invest in Cybersecurity and prepare for ransomware attacks

Perhaps one of the most important cybersecurity lessons to be learned from the past few years is the importance of advanced preparation for potentially disruptive incidents, such as phishing or ransomware attacks.

A wave of social engineering coups followed as the global health crisis spread around the world, striking at the fears and discomfort of workers during this uncertain period.

While many of the phishing and ransomware controls are already in place today, there are important steps that security administrators should take to prevent and address a potential attack.

Daily Cybersecurity checks for phishing and ransomware

During business activities the main ways to prepare for phishing, ransomware and other cyber attacks include the following:

  • Secure the network perimeter and mitigate any potential breaches to prevent malware from entering the organization;
  • Analyze intrusion attempts and make adjustments to perimeter protection as needed;
  • Ensure that network perimeter Cybersecurity equipment, including firewalls, intrusion detection and prevention systems, DMZs, and security analysis systems and software are up to date with current configurations and rules;
  • Regularly monitor performance metrics, such as average detection time and average repair time, to ensure that incidents are managed effectively;
  • Test and verify cybersecurity management systems and software can be accessed and managed remotely;
  • Perform regular updating of safety equipment rules and other parameters;
  • Install and test all relevant patches;
  • Review and update cybersecurity policies and procedures as needed, especially for phishing and ransomware incidents;
  • Train cyber security team members on all security mitigation features, procedures, and policies.

Investment in Cybersecurity goes beyond critical global events

The COVID-19 pandemic and other global events, such as Russia’s current war against Ukraine, affect thousands of companies and millions of people around the world.

While the long-term implications have yet to be determined, for cyber security professionals, the need for increased due diligence is key.

With people working remotely and focusing on global issues, cybercriminals are likely to be more aggressive.

In future similar events, the need for proactive Cybersecurity management will be an essential business requirement.

CipherTrust DataSecurity Platform Archtecture

 

CipherTrust Transparent Encryption: Real-Time Protection Against Any Type of Ransomware Attack

CipherTrust Transparent Encryption is a file system-level encryption solution that leverages the encryption and key management capabilities of the CipherTrust Manger platform to protect against any type of Ransomware attack.

Filesystem-level encryption is a form of disk encryption in which individual files or directories are encrypted by the system itself. The CipherTrust Transparent Encryption solution performs transparent encryption.

In practice, authorized users continue to have read and write access to the encrypted data, while unauthorized users cannot access the encrypted data. As the main characteristics of the solution, we can highlight:

  • Centralized key and policy management to meet compliance requirements;
  • Performs transparent encryption of server data at rest without interrupting business operations or application performance;
  • Granular access controls so that unauthorized users and processes cannot access the encrypted data;
  • It can be deployed on network shares, file, web, application, database servers, or other machines running compatible software.

Deployment is simple, scalable, and fast, with agents installed on the operating file system or device layer, and encryption and decryption are transparent to all applications running above it.

CipherTrust Transparent Encryption is designed to meet data security compliance requirements and best practices with minimal disruption, effort, and cost. Critical to combating the Ransomware attack.

Implementation is seamless, keeping business and operational processes running smoothly, even during deployment and launch.

About EVAL

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Categories
Data Protection

Cyber security threats: risks that businesses must be prepared for

Cyber security threats continue to be a major challenge for individuals and businesses around the world. Cybercrime, costs globally more than $6 trillion annually, according to
Annual Cybercrime Report 2020
.

To put this in perspective, if cybercrime were a country, it would be the third largest global economy after the US and China.

Since the pandemic in early 2020, many cybercriminals have changed the way they operate. This is because the change in working practices, such as the home office, presented many security vulnerabilities that these criminals quickly exploited.

In 2022, the cybersecurity threat landscape will continue to evolve as many companies return to pre-pandemic working practices, while still maintaining some of the flexible working arrangements they adopted in 2020.

This highlights the importance of understanding what the main cybersecurity risks of 2022 will be and what your company can do to mitigate these risks.

Cyber security threats will continue to increase in 2022 if robust measures are not taken

According to Gartner, organizations that adopt a cybersecurity architecture can reduce the financial impact of security incidents by an average of 90%.

The top 5 types of cybersecurity threats that everyone should consider and be aware of in 2022 are listed below:

1. Ransomware

According to Cybersecurity Ventures, the cost of cybercrime from ransomware attacks is expected to reach $265 billion by 2031.

The report predicts that there will be a new attack every 2 seconds as cybercriminals progressively refine their malware payloads and related extortion activities.

In this type of cybercrime, the victim’s computer is locked, usually by encryption, preventing them from using the device and everything stored on it.

To regain access to the device, the victim needs to pay a ransom, usually in the form of virtual currency.

There are different types of transmission of such threats. However, most of the time, ransomware spreads via malicious email attachments, infected software applications, compromised websites or infected external storage.

How Ransomware uses Unprotected Remote Access Protocols (RDP)

2. Internal threats

This is one of the most common types of cybersecurity threats. It usually occurs when employees, intentionally or unintentionally, misuse authorized access in a way that negatively affects the organization’s system.

In most of these cybercrime cases, it is due to non-compliance with the organization’s policies and procedures. As such, they are prone to emailing customer data to third parties or sharing their login information with others.

These types of attacks would bypass cybersecurity protocols to delete, sell or steal data. This can disrupt operations and cause major damage to data.

3. Phishing attacks

Phishing attacks are one of the most prevalent cybersecurity threats in today’s business environment.

According to Verizon’s 2021 Data Breach Investigations Report (DBIR), phishing is the top “variety of action” seen in breaches in 2020, with 43% of breaches involving phishing and/or pretexting.

Phishing aims to trick users into compromising important and confidential information. Typically, attackers use fake emails that look trustworthy or from legitimate sources.

The main idea is to make users perform some actions (e.g. clicking on a link or opening email attachments) that allow attackers to install malware on their devices.

4. Attacks in the cloud

The cloud has become a critical part of our everyday life. However, we should be aware that not all cloud services provide secure authentication and encryption.

Incorrect configuration can cause cybercrime, including intrusions, network vulnerabilities and data leaks.

According to IBM, more than half of the breaches threats to cybersecurity in the cloud are caused by simple issues. While, two-thirds of cloud security incidents can be prevented by checking configurations.

5. Malvertising attacks

Malicious advertising, also known as malvertising, is an emerging new form of cybercrime.

Through this technique, cybercriminals inject malicious code into digital ads that redirect users to malicious websites or install malware on their devices.

It is very difficult to be identified by internet users and editors. Thus, they are usually served to consumers through legitimate advertising networks. Any advertisement displayed on websites may present a risk of infection.

Even some world-renowned companies have inadvertently displayed malicious ads on their websites.

More cyber attacks related to COVID-19

Cybercriminals quickly exploited the pandemic, using it as a pretext for phishing emails, fake apps and interesting links to malicious websites.

As 2022 progresses, there are likely to be more COVID-19 related developments around the world, new variants, vaccine news and booster dose offers for example.

Cybercriminals are eager to exploit these developments to continue tricking company employees into downloading malicious software or providing sensitive information that can be used for cybercrime.

CipherTrust enables businesses to protect their structure against cybersecurity threats

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases, so that compliance and cybersecurity issues are alleviated when sharing a database of information with a third party for analysis, testing or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data cybersecurity, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen cybersecurity and compliance

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Law (LGPD), among other compliance requirements.

Optimizes team and resource efficiency

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About EVAL

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval safety is value.

Categories
Data Protection

Fighting cyber attacks: the importance of prevention

Throughout 2021, individuals, businesses and governments have all been concerned about combating cyber attacks.

Keeping our data safe in a world where everything is on the Internet, from travel diaries to credit card information, data protection has become one of the most pressing challenges of cybersecurity.

Ransomware, phishing attacks, malware attacks, and other cybersecurity threats are some examples. No wonder that one of the fastest growing areas in IT is combating cyber attacks.

The need for data protection is increasingly recognized by organizations.

Companies, in particular, are paying more attention, as data breaches cause great damage every year and expose large amounts of personal information.

The fight against cyber attacks is increasing as society is increasingly connected

Although many of the attacks that occurred in 2021 were caused by the increased use of the Internet as a result of the pandemic of coronaviruses and blockades, the threat to businesses remains significant.

With the cost of combating global cyberattacks estimated to reach $10.5 trillion by 2025, according to
Cybersecurity Ventures
a specialist cybercrime magazine, the threats posed by cybercriminals will only increase as organizations become more reliant on the internet and technology.

Ransomware cases increased in 2021 by about 62% from 2019, and it is considered the top threat this year. In fact, cyber threats are becoming more sophisticated during these times and are much more difficult to detect.

The nature of all attacks are much more dangerous than a simple theft. So let’s dig a little deeper into this discussion by showing the top cyber attack cases occurring in 2021.

The Colonial Pipeline

If we are going to talk about cyber attacks occurring in 2021, then Colonial Pipeline should be on the list.

Considered the largest fuel pipeline in the United States, it experienced a cyber attack in May 2021, disrupting fuel distribution in 12 states for a few days. The company had to pay $4.5 million as ransom to resolve the situation.

Florida’s supply system

A cybercriminal tried to poison the water supply in Florida and managed to increase the amount of sodium hydroxide to a potentially dangerous level.

The cyber attacks occurred by hacking into the IT systems of the Oldsmar city water treatment plant, briefly increasing the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million. This scenario is an example of how an invasion of critical infrastructure at any level puts residents’ lives at risk.

Microsoft Exchange

A massive cyber attack has affected millions of Microsoft customers worldwide, in which cybercriminals actively exploited four Zero Day vulnerabilities in Microsoft’s Exchange Server solution.

At least nine government agencies, as well as more than 60,000 private companies in the United States alone, are believed to have been affected by the attack.

Aircraft Manufacturer Bombardier

A popular Canadian aircraft manufacturer, Bombardier, suffered a data breach in February 2021. The breach resulted in the compromise of confidential data of suppliers, customers, and about 130 employees located in Costa Rica.

The investigation revealed that an unauthorized party gained access to the data by exploiting a vulnerability in a third-party file transfer application.

Acer Computers

World-renowned computer giant Acer suffered a ransomware attack, being asked to pay a ransom of $50 million, which made the record for the largest ransom known to date.

A cybercriminal group called Revil is believed to be responsible for the attack. The digital criminals also announced the breach on their website and leaked some images of the stolen data.

In Brazil it was no different in terms of the intensity of attacks and cybercrime

In a survey conducted by digital security company Avast, cybercriminals continue to take advantage of the Covide-19 pandemic by exploiting people’s habits created during the lockdown period to spread scams.

Following the global trend, ransomware attacks, cryptocurrency malware, and other scams were prevalent in Brazil.

For mobile devices, adware and fleeceware are among the top threats. According to Avast, the growth of ransomware attacks in Brazil was stronger than the global average.

Combating cyber attacks is already a major concern for most Brazilian companies today, as many of these attacks occurred only in 2021, such as the one that occurred at Lojas Renner, which completely paralyzed the system.

We still had the case of the Fleury group, which was unable to perform tests for several days, and JBS, which was forced to pay US$ 11 million in ransom for the hacker attack on its operation in the United States, all these situations put the issue even more in evidence in Brazil.

Organs and companies linked to the Brazilian government have also been targeted by cybercriminals. Social Security, the Ministry of Labor, the Federal Public Ministry, Petrobras, among other organizations have also suffered attacks.

How Ransomware uses Unprotected Remote Access Protocols (RDP)

Already in 2021, the LGPD offered an opportunity for companies to rethink how they fight cybercrime.

The General Data Protection Law (LGPD) went into effect in September 2020. The overall goal of the new legislation is to establish a regulatory framework for the protection of personal data, making it easier for all Brazilian citizens to understand how their data is used and, if necessary, to file a complaint about its processing.

The goal of the LGPD can be summarized in three key points:

  • Strengthening the rights of individuals;
  • Train the actors involved in data processing;
  • Increase the credibility of regulation through cooperation between data protection authorities.

If there is one thing that the LGPD achieved during the year 2021, it was to raise awareness about data protection and privacy issues. In practice, companies cannot sweep incidents under the rug because of the risk of revenue-based fines.

The data protection law has also given companies more visibility into the data they are collecting. The basic principle of the LGPD is that companies know what data they have and ensure that they are processing it correctly and securely.

LGPD compliant companies now have the basic elements they need to build a good information security program because if you don’t know what you have, you don’t know what to protect.

The Data Protection and Privacy Act has also changed the financial equation for organizations when it comes to privacy risk. This has encouraged companies to think holistically about risks and invest in improving privacy controls and governance.

Invest in 2022 and beyond. CipherTrust solution enables the fight against digital crime

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

CipherTrust’s solution designs data protection products and solutions against cyber attacks to meet a range of security and privacy requirements, including electronic identification, authentication, and trust.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security against cyber attacks, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform offers a wide range of proven, market-leading products and solutions to ensure the fight against cyber attacks.

These products can be deployed in data centers or at cloud service providers (CSPs) or managed service providers (MSPs). In addition, you can also count on the cloud-based service managed by Thales, a leading company in the security industry.

Portfolio of tool to ensure cybercrime is tackled

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance

CipherTrust designs its data protection products and solutions against cyber attacks to meet a range of security and privacy requirements, including electronic identification, authentication, and trust.

In addition, these products are also compliant with the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Act (LGPD), and other compliance requirements.

Optimizes team and resource efficiency against security incidents

CipherTrust Data Security Platform is the industry leader and provides extensive support for data security use cases.

With products designed to work together, a single thread for global support, and a proven track record of protecting against evolving threats, this platform also boasts the industry’s largest ecosystem of data security partnerships.

The CipherTrust Data Security Platform solution was developed with a focus on ease of use, with APIs for automation and responsive management.

With this solution, your teams can quickly implement, secure, and monitor the protection of your business against cyber attacks.

In addition, professional services and partners are available to assist in implementation and staff training, ensuring fast and reliable implementations.

In this way, it is possible to reduce the time required from your staff for these activities.

Reduces total cost of ownership

The CipherTrust Data Security Platform offers a broad set of data security products and solutions for protection against cyber attacks.

This portfolio can be easily scaled, expanded for new use cases, and has a proven track record of protecting both new and traditional technologies.

With the CipherTrust Data Security Platform, companies can prepare their investments to combat cyberattacks while reducing operational costs and capital expenditures.

About Eval

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Categories
Data Protection

Ransomware Protection: Focus on Backup and Recovery

Ransomware protection has been one of the main challenges faced by companies of all types, sizes and segments, and technology teams must be ready to take all necessary measures to minimize risks and ensure high availability of operations.

In August this year (2021), global consulting firm Accenture suffered a ransomware attack that threatened sensitive data. This made it another victim in a long line of organizations that have suffered from this type of attack in recent months.

Accenture was “lucky”. Prior to the incident, the company implemented security controls and protocols to protect its IT infrastructure against these threats and prepared a response against ransomware attacks.

As far as the company knows, no customer data or sensitive information was compromised after the attack.

However, many other companies have not been so lucky. Ransomware attacks add up to millions in lost revenue, recovery costs and ransom payments.

Even companies with required ransomware protection actions can still fall victim to attacks, a threat that continues to increase as ransomware becomes more sophisticated and adept at infecting backup data.

IT is under increasing pressure to ensure protection against Ransomware

A big challenge for companies that still struggle to implement effective policies and actions that include security, backup and recovery.

This is shown in Veeam’s Data Protection 2021 report, which points out that 58% of enterprise backups fail, leaving data unprotected against cyberattacks and cybercriminals.

Indeed, data backups and recovery procedures are the first line of defense for protection against Ransomware and other threats, but these backups must be fully protected.

This not only includes physical protections such as video surveillance or entry-exit logging, but also comprehensive storage and network security, which can include a wide range of protections.

An IT team, for example, can use vulnerability scanning, network segmentation, multi-factor authentication, network monitoring, intrusion detection systems and anti-malware/anti-ransomware software to ensure the protection of backups performed during companies’ business operations.

For an effective Ransomware protection, keep at least two copies of each backup

Store them on different types of media and locate them somewhere other than the primary network. At least one of these backups should be immutable and kept offline.

With an immutable backup, data can be written only once, usually in a single session, and cannot be updated or deleted, a strategy often referred to as WORM (write once, read many).

Along with these protections, IT teams must also ensure that all systems are patched and updated in a timely manner.

Backup protection should be part of the prevention strategy against ransomware attacks

The first step in preventing ransomware attacks is to review and update backup policies. These policies should reflect what data the organization has, where it is, and the systems that IT teams should recover first in the event of an attack.

Effective policies detail and validate everything that businesses need to back up and when those backups should occur. Perform data backup operations regularly and frequently, with critical data most of the time.

Also, check and analyze backups for infections. In practice, policies should specify how long to retain backups. Remember that ransomware can remain in the background for quite some time.

An organization should have a comprehensive monitor and alert system that tracks the entire technology backend, including endpoint and network environment, looking for anomalies in traffic, data patterns, user behavior and access attempts.

The protection framework created for the backup should be able to automatically respond to ransomware attacks

Such as quarantine of infected systems. These systems can use machine learning and other advanced technologies to identify and mitigate threats.

Ensure end users receive the education and training they need to minimize risky behavior and know what to do if they suspect their machines have been infected.

Don’t forget that IT teams should take all possible measures to reduce the network attack surface and limit the possibility of end-user actions resulting in ransomware.

Finally, to ensure efficient ransomware protection, IT teams should bring clean systems online, check which backups can be safely restored, and then recover data from those structures.

Once the systems are up and running, they should document lessons learned and take all necessary measures to reduce the risk of subsequent ransomware attacks.

How Ransomware uses Unprotected Remote Access Protocols (RDP)

CipherTrust Data Security Platform Enables Assertive Investment in Ransomware Protection

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypts data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables Ransomware protection for data at rest and in motion across the IT ecosystem, ensuring that the keys to that information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection against ransomware attacks

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthening security and compliance against ransomware attacks

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Act (LGPD), and other compliance requirements.

Optimizes the efficiency of the team and resources used to protect against Ransomware

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

The CipherTrust Data Security Platform Ransomware Protection portfolio offers a broad set of data security products and solutions that can easily scale, expand to new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About EVAL

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.