Cyber Criminals are always looking for ways to hit the most people for the highest return. One of these ways is to target IT providers who have access to 100s of customers and 1,000s of workstations and servers. Unfortunately, there are a significant number of IT providers who are not protected against these types of attacks.
In 2019, there have been dozens of IT providers across the U.S. who have been attacked and their clients have been encrypted by ransomware.
Here is one way on how a cybercriminal can do it:
- Cybercriminal gains access to an unsecure application that an IT Provider is using to access or connect to their clients through a vulnerability of some sort.
- Once the cybercriminal is in the IT Provider’s network and gain administrative access, they will spread their ransomware to all of their clients computers and servers. Once they have made the biggest impact, they will also infect the IT Provider to reduce their capabilities of restoring their clients’ networks.
- Dozens of the IT Provider’s clients and their workstations and servers are encrypted by ransomware. The clients are largely down because a large number of critical files and systems are encrypted and held for ransom.
The clients only have 2 options to recover:
- Hope their backups are not encrypted. If it is not they can perform restorations of data. Depending on the type of backups and if they are unaffected by the ransomware, it can take several days to restore the data.
- Or to pay the ransom if they are not able to recover from backups. Every effort needs to be made to try and not pay the cybercriminals to fuel their success, but in some cases there is no choice.
This is obviously a major catastrophe. It will cost $10,000s to $100,000s of dollars in recovery and several days to weeks of downtime.
This all occurred because the IT Provider did not take the appropriate security measures to protect their customers.
Is CBM Technology protecting its clients’ data? Absolutely.
Can any IT provider say this? Sure.
Did these IT providers who were attacked say they protect their clients’ data? More than likely.
What about CBM Technology? Our IT network and the tools that we use are highly secured. We use multifactor authentication on every critical application that has access to our clients’ network and data. All of our administrative and employees’ passwords are long and highly complex and changed regularly. We employ state-of-the-art security measures to protect CBM Technology’s clients’ data.
How does CBM Technology prove this? We can prove it because we are SOC compliant. This means that a outside auditor audits our documentation, processes and security to help ensure that our clients’ data is protected and secured. Our audit report will demonstrate that we sure we do what we say we do.
In conclusion, it is important check with your IT Provider for proof on how they are protecting your data. They do mean well and it is not intentional to cause havoc because it will damage their reputation. However, shortcuts are sometimes taken or they just don’t know.
If you would like to learn more about how CBM Technology protects its clients data, feel free to email us @ firstname.lastname@example.org.
Blake Judice – Director of Business Development at CBM Technology. Blake Judice has been working with CBM Technology for nearly 15 years and has been in the technology industry for over 20 years with a heavy focus in IT security.