Identifying the best server infrastructure security to protect against ransomware

March 14, 2019 | 80 views

Ransomware is becoming more costly, and the sophistication of attacks is only getting worse. Here are some helpful tips to not only prevent attacks, but to minimize the damage in case of a breach. If you've been paying attention to the news recently, you probably don't need to be convinced of the threat that ransomware poses to your data and the increasing need for strong server infrastructure security. A recent report from Cybersecurity Ventures estimated that the worldwide cost of attacks would jump from $5 billion in 2017 to $8 billion in 2018—and that figure is expected to reach $11.5 billion in 2019.

Spotlight

MaRS Discovery District

MaRS is a global innovation hub connecting and fostering collaboration among the communities of business, capital, and technology entrepreneurs.

OTHER ARTICLES
AI TECH

The Revolutionary Power of 5G in Automation and Industry Digitization

Article | July 20, 2022

Fifth-generation (5G) mobile phone networks that can carry data up to 50 times faster than major carriers' current phone networks are now rolling out. But 5G promises to do more than just speed up our phone service and download times. The mobile industry's fifth-generation (5G) networks are being developed and are prepared for deployment. The expansion of IoT and other intelligent automation applications is being significantly fueled by the advancing 5G networks, which are becoming more widely accessible. For advancements in intelligent automation—the Internet of Things (IoT), Artificial Intelligence (AI), driverless cars, virtual reality, blockchain, and future innovations we haven't even considered yet—5 G's lightning-fast connectivity and low-latency are essential. The arrival of 5G represents more than simply a generational shift for the tech sector as a whole. Contributions by 5G Networks For a number of reasons, the manufacturing sector is moving toward digitalization: to increase revenue by better servicing their customers; to increase demand; to outperform the competition; to reduce costs by boosting productivity and efficiency; and to minimize risk by promoting safety and security. The main requirements and obstacles in the digitization industry were recently recognized by a study. Millions of devices with ultra-reliable, robust, immediate connectivity. Gadgets, which are expensive with a long battery life. Asset tracking along the constantly shifting supply chains. Carrying out remote medical operations. Enhancing the purchasing experience with AR/VR. Implementing AI to improve operations across the board or in various departments. The mobile telecommunications requirements of the Internet of Things cannot be met by the current 4G and 4G LTE networks. Compared to current 4G LTE networking technologies, 5G can also offer a solution to the problem and the quickest network data rate with a relatively low cost and greater communication coverage. The 5G network's quick speeds will lead to new technical developments. The upcoming 5G technology will support hundreds of billions of connections, offer transmission speeds of 10 Gbps, and have an extremely low latency of 1 ms. Additionally, it makes rural areas' services more dependable, minimizing service disparities between rural and urban areas. Even though the 5G network is a development of the 4G and 4G LTE networks, it has a whole new network design and features like virtualization that provide more than impressively fast data speeds.

Read More
SOFTWARE

AI's Impact on Improving Customer Experience

Article | August 8, 2022

To enhance the consumer experience, businesses all over the world are experimenting with artificial intelligenace (AI), machine learning, and advanced analytics. Artificial intelligence (AI) is becoming increasingly popular among marketers and salespeople, and it has become a vital tool for businesses that want to offer their customers a hyper-personalized, outstanding experience. Customer relationship management (CRM) and customer data platform (CDP) software that has been upgraded with AI has made AI accessible to businesses without the exorbitant expenses previously associated with the technology. When AI and machine learning are used in conjunction for collecting and analyzing social, historical, and behavioral data, brands may develop a much more thorough understanding of their customers. In addition, AI can predict client behavior because it continuously learns from the data it analyzes, in contrast to traditional data analytics tools. As a result, businesses may deliver highly pertinent content, boost sales, and enhance the customer experience. Predictive Behavior Analysis and Real-time Decision Making Real-time decisioning is the capacity to act quickly and based on the most up-to-date information available, such as information from a customer's most recent encounter with a company. For instance, Precognitive's Decision-AI uses a combination of AI and machine learning to assess any event in real-time with a response time of less than 200 milliseconds. Precognitive's fraud prevention product includes Decision-AI, which can be implemented using an API on a website. Marketing to customers can be done more successfully by using real-time decisioning. For example, brands may display highly tailored, pertinent content and offer to clients by utilizing AI and real-time decisioning to discover and comprehend a customer's purpose from the data they produce in real-time. By providing deeper insights into what has already happened and what can be done to facilitate a sale through suggestions for related products and accessories, AI and predictive analytics are able to go further than historical data alone. This increases the relevance of the customer experience, increases the likelihood that a sale will be made, and increases the emotional connection that the customer has with a brand.

Read More
SOFTWARE

The Evolution of Quantum Computing and What its Future Beholds

Article | August 2, 2022

The mechanism of quantum computers will be entirely different from anything we humans have ever created or constructed in the past. Quantum computers, like classical computers, are designed to address problems in the real world. They process data in a unique way, though, which makes them a much more effective machine than any computer in use today. Superposition and entanglement, two fundamental ideas in quantum mechanics, could be used to explain what makes quantum computers unique. The goal of quantum computing research is to find a technique to accelerate the execution of lengthy chains of computer instructions. This method of execution would take advantage of a quantum physics event that is frequently observed but does not appear to make much sense when written out. When this fundamental objective of quantum computing is accomplished, and all theorists are confident works in practice, computing will undoubtedly undergo a revolution. Quantum computing promises that it will enable us to address specific issues that current classical computers cannot resolve in a timely manner. While not a cure-all for all computer issues, quantum computing is adequate for most "needle in a haystack" search and optimization issues. Quantum Computing and Its Deployment Only the big hyperscalers and a few hardware vendors offer quantum computer emulators and limited-sized quantum computers as a cloud service. Quantum computers are used for compute-intensive, non-latency-sensitive issues. Quantum computer architectures can't handle massive data sizes yet. In many circumstances, a hybrid quantum-classical computer is used. Quantum computers don't use much electricity to compute but need cryogenic refrigerators to sustain superconducting temperatures. Networking and Quantum Software Stacks Many quantum computing software stacks virtualize the hardware and build a virtual layer of logical qubits. Software stacks provide compilers that transform high-level programming structures into low-level assembly commands that operate on logical qubits. In addition, software stack suppliers are designing domain-specific application-level templates for quantum computing. The software layer hides complexity without affecting quantum computing hardware performance or mobility.

Read More
FUTURE TECH

Language Models: Emerging Types and Why They Matter

Article | July 7, 2022

Language model systems, often known as text understanding and generation systems, are the newest trend in business. However, not every language model is made equal. A few are starting to take center stage, including massive general-purpose models like OpenAI's GPT-3 and models tailored for specific jobs. There is a third type of model at the edge that is intended to run on Internet of Things devices and workstations but is typically very compressed in size and has few functionalities. Large Language Models Large language models, which can reach tens of petabytes in size, are trained on vast volumes of text data. As a result, they rank among the models with the highest number of parameters, where a "parameter" is a value the model can alter on its own as it gains knowledge. The model's parameters, which are made of components learned from prior training data, fundamentally describe the model's aptitude for solving a particular task, like producing text. Fine-tuned Language Models Compared to their massive language model siblings, fine-tuned models are typically smaller. Examples include OpenAI's Codex, a version of GPT-3 that is specifically tailored for programming jobs. Codex is both smaller than OpenAI and more effective at creating and completing strings of computer code, although it still has billions of parameters. The performance of a model, like its capacity to generate protein sequences or respond to queries, can be improved through fine-tuning. Edge Language Models Edge models, which are intentionally small in size, occasionally take the shape of finely tuned models. To work within certain hardware limits, they are occasionally trained from scratch on modest data sets. In any event, edge models provide several advantages that massive language models simply cannot match, notwithstanding their limitations in some areas. The main factor is cost. There are no cloud usage fees with an edge approach that operates locally and offline. As significant, fine-tuned, and edge language models grow in response to new research, they are likely to encounter hurdles on their way to wider use. For example, compared to training a model from the start, fine-tuning requires less data, but fine-tuning still requires a dataset.

Read More

Spotlight

MaRS Discovery District

MaRS is a global innovation hub connecting and fostering collaboration among the communities of business, capital, and technology entrepreneurs.

Related News

GandCrab Ransomware Slingers Target MSPs

Infosecurity Magazine | February 15, 2019

A software company has been forced to remind customers to patch a two-year-old flaw in a third-party plug-in, after reports it is being exploited to infect scores of companies with GandCrab ransomware via their managed security provider (MSP). The issue relates to CVE-2017-18362, a flaw which affects the Connectwise Manage plug-in for the Kaseya VSA remote-monitoring tool. ConnectWise Manage is a professional services automation (PSA) product popular among IT support staff in MSPs. “This vulnerability allows a remote attacker to execute arbitrary SQL commands against the Kaseya VSA database, which means they can create administrative users, change user passwords, or even create tasks to deploy software to all endpoints under management,” explained Chris Bisnett, co-founder of Huntress Labs. “This week an unknown attacker leveraged the vulnerable integration to attack MSPs and their customers by tasking all managed endpoints to download and execute a ransomware variant known as GandCrab. This type of attack is particularly devastating because the Kaseya RMM tool has remote administrative (SYSTEM) access to all managed endpoints leading to a quick and complete compromise of all customer assets.” The incident was first revealed in a Reddit post a few days ago with the user claiming if affected a “local mid-sized MSP with about 80 clients” — all of which were apparently infected. Kaseya was forced to issue an update on the ConnectWise plugin bug. “Kaseya takes security very seriously and recommends that all customers using the Connectwise Plugin for VSA upgrade to the newly released version of the Plugin immediately or alternatively remove all versions of this Plugin,” it stated. The news is yet another example of the lengths ransomware authors are now going to in order to get their wares on as many victim machines as possible.

Read More

Ransomware Sees Further Decline, Banking Trojan Use Steps Up

Infosecurity Magazine | February 07, 2019

Ransomware accounted for one tenth of 1% of all malicious email content in Q4, according to a new threat report from Proofpoint. It’s Q4 threat report found that banking trojans accounted for 56% of all malicious payloads in email in Q4, while remote access trojans (RATs) accounted for 8.4%. Proofpoint claimed that this marked a “significant change” for RATs, as in previous years they were rarely used by attackers. The report stated that email remains the top vector for malware distribution and phishing, while email fraud, also known as business email compromise (BEC), continues to grow rapidly. Ransomware message volumes dropped significantly from Q2 to Q4 “suggesting that ransomware campaigns did not generate sufficient returns for threat actors to continue distributing them at scale.” Speaking to the Risky Business podcast in November, Sherrod DeGrippo, Proofpoint’s director of threat research and detection, said that ransomware “has basically evaporated” after it was in the headlines for many months. “I probably attribute that to the fact that cryptocurrency is so difficult for the average consumer to use, and what we’ve seen instead is, back to cryptocurrency, they are bolting on crypto-miners to just about everything: commodity banking trojans, commodity RATs and keyloggers and pretty basic crimeware stuff,” she said. “We’re starting to see banking trojans have crypto-miners bolted on to them so they steal the money from the traditional bank account and then leave the crypto-miner behind.” In an email to Infosecurity, Ed Tucker, CISO and co-founder of Email Auth, Byte and Human Firewall, said that this research highlights that ransomware is actually less of a prevalent threat both to the individual and business, and criminals know that trojans work.

Read More

Ryuk Ransomware Takes Down Cloud Hosting Provider’s Systems

SDxCentral | January 02, 2019

A ransomware attack with ties to North Korea took down cloud hosting provider Data Resolution’s systems on Christmas Eve. The California-based company provides software hosting, cloud computing, and data center services for about 30,000 businesses worldwide. First reported by KrebsOnSecurity, the attackers used a compromised login account to infect servers with Ryuk ransomware. In August, Check Point threat researchers linked Ryuk to the North Korean Lazarus Group, also known as Hidden Cobra. This is the state-sponsored group believed to be behind the WannaCry attack in 2017. And over the weekend, Ryuk malware infected the Los Angeles Times’ Olympic printing plant in downtown Los Angeles. This attack delayed that newspaper’s Saturday editions as well as the West Coast editions of the Wall Street Journal and New York Times, which are also printed at that plant. Data Resolution did not immediately respond to a request for comment. According to security researcher Brian Krebs, the attack gave hackers control of Data Resolution’s data center domain, locking the company out of its own systems and forcing it to shut down its network. A Jan. 2 status update shared with customers said the cloud hosting provider is still working to restore email access and multiple databases for clients and is in the process of restoring service for companies that use it to host Microsoft Dynamics GP, a popular accounting and payroll software. Data Resolution reportedly told customers that no data was stolen.

Read More

GandCrab Ransomware Slingers Target MSPs

Infosecurity Magazine | February 15, 2019

A software company has been forced to remind customers to patch a two-year-old flaw in a third-party plug-in, after reports it is being exploited to infect scores of companies with GandCrab ransomware via their managed security provider (MSP). The issue relates to CVE-2017-18362, a flaw which affects the Connectwise Manage plug-in for the Kaseya VSA remote-monitoring tool. ConnectWise Manage is a professional services automation (PSA) product popular among IT support staff in MSPs. “This vulnerability allows a remote attacker to execute arbitrary SQL commands against the Kaseya VSA database, which means they can create administrative users, change user passwords, or even create tasks to deploy software to all endpoints under management,” explained Chris Bisnett, co-founder of Huntress Labs. “This week an unknown attacker leveraged the vulnerable integration to attack MSPs and their customers by tasking all managed endpoints to download and execute a ransomware variant known as GandCrab. This type of attack is particularly devastating because the Kaseya RMM tool has remote administrative (SYSTEM) access to all managed endpoints leading to a quick and complete compromise of all customer assets.” The incident was first revealed in a Reddit post a few days ago with the user claiming if affected a “local mid-sized MSP with about 80 clients” — all of which were apparently infected. Kaseya was forced to issue an update on the ConnectWise plugin bug. “Kaseya takes security very seriously and recommends that all customers using the Connectwise Plugin for VSA upgrade to the newly released version of the Plugin immediately or alternatively remove all versions of this Plugin,” it stated. The news is yet another example of the lengths ransomware authors are now going to in order to get their wares on as many victim machines as possible.

Read More

Ransomware Sees Further Decline, Banking Trojan Use Steps Up

Infosecurity Magazine | February 07, 2019

Ransomware accounted for one tenth of 1% of all malicious email content in Q4, according to a new threat report from Proofpoint. It’s Q4 threat report found that banking trojans accounted for 56% of all malicious payloads in email in Q4, while remote access trojans (RATs) accounted for 8.4%. Proofpoint claimed that this marked a “significant change” for RATs, as in previous years they were rarely used by attackers. The report stated that email remains the top vector for malware distribution and phishing, while email fraud, also known as business email compromise (BEC), continues to grow rapidly. Ransomware message volumes dropped significantly from Q2 to Q4 “suggesting that ransomware campaigns did not generate sufficient returns for threat actors to continue distributing them at scale.” Speaking to the Risky Business podcast in November, Sherrod DeGrippo, Proofpoint’s director of threat research and detection, said that ransomware “has basically evaporated” after it was in the headlines for many months. “I probably attribute that to the fact that cryptocurrency is so difficult for the average consumer to use, and what we’ve seen instead is, back to cryptocurrency, they are bolting on crypto-miners to just about everything: commodity banking trojans, commodity RATs and keyloggers and pretty basic crimeware stuff,” she said. “We’re starting to see banking trojans have crypto-miners bolted on to them so they steal the money from the traditional bank account and then leave the crypto-miner behind.” In an email to Infosecurity, Ed Tucker, CISO and co-founder of Email Auth, Byte and Human Firewall, said that this research highlights that ransomware is actually less of a prevalent threat both to the individual and business, and criminals know that trojans work.

Read More

Ryuk Ransomware Takes Down Cloud Hosting Provider’s Systems

SDxCentral | January 02, 2019

A ransomware attack with ties to North Korea took down cloud hosting provider Data Resolution’s systems on Christmas Eve. The California-based company provides software hosting, cloud computing, and data center services for about 30,000 businesses worldwide. First reported by KrebsOnSecurity, the attackers used a compromised login account to infect servers with Ryuk ransomware. In August, Check Point threat researchers linked Ryuk to the North Korean Lazarus Group, also known as Hidden Cobra. This is the state-sponsored group believed to be behind the WannaCry attack in 2017. And over the weekend, Ryuk malware infected the Los Angeles Times’ Olympic printing plant in downtown Los Angeles. This attack delayed that newspaper’s Saturday editions as well as the West Coast editions of the Wall Street Journal and New York Times, which are also printed at that plant. Data Resolution did not immediately respond to a request for comment. According to security researcher Brian Krebs, the attack gave hackers control of Data Resolution’s data center domain, locking the company out of its own systems and forcing it to shut down its network. A Jan. 2 status update shared with customers said the cloud hosting provider is still working to restore email access and multiple databases for clients and is in the process of restoring service for companies that use it to host Microsoft Dynamics GP, a popular accounting and payroll software. Data Resolution reportedly told customers that no data was stolen.

Read More

Events