Security : Data Breach : :
CryptoLocker Modern Day Highwaymen
What can a company do to protect themselves?
Chief Technology Officer
Kyle Kennedy, data security expert and CTO of STEALTHbits Technologies commented on reports that brokerage house Benjamin F. Edwards suffered a data breach in May that resulted in customer data being stolen from its computer systems, and that the firm said that an employee's computer system was infected by CryptoWall malware, a variant of the well-known CryptoLocker, which encrypted files on shared drives to which the employee had access. Not only did the malware encrypt the files but it transferred customer data to a suspicious IP address.
Kennedy said, “The behavior of CryptoWall analyzed as individual events looks like normal behavior. The files are being accessed using legit credentials, the behavior pattern looks like Microsoft Word, Microsoft Excel and most other software programs – save updates into temporary files before overwriting the original file.
However file activity reviewed from a larger context taking in all user activity, all folder activity, multiple folder activity, etc., the same overwrite pattern repeats across more than a few files would be highly suspicious possibly signaling malicious activity.
What can a company do to protect themselves? Beyond ensuring your employees have up-to-date AV protections, implementing intelligent monitoring for file systems on critical file shares can prevent CryptoWall from taking your critical data hostage by attackers. Defining a policy that intelligently analyzes temporary files being created and deleted repetitively in a short time frame on a critical resource will provide an organization’s security team insight that immediate intervention is required.”
STEALTHbits is all about data – Collecting data. Analyzing data. Protecting data. Enabling our customers to harness the power of their data and derive information by which to make decisions, solve problems, and streamline business processes is what we do best, and what we’ve been doing for over a decade.
Founded in 2001, STEALTHbits has extensive experience and deep expertise in the management of Microsoft technologies like Active Directory and Exchange, and governance solutions for unstructured data. With consistent growth, profitability, and a tenured management team that’s been at it since the start, STEALTHbits has emerged as a favorite solution provider for the world’s largest, most notable organizations, as well as a preferred partner to leaders in technology.
Advertise your product/service here!