Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

Nearly 534,000 Affected in Data Theft at Managed Care Org

Wisconsin Nonprofit Says Attackers Also Tried to Encrypt Systems, But They Failed

… The fact that the ransomware was unsuccessful with encrypting the data could mean that the stored data – data at rest – was well-protected, perhaps through strong access controls, or being monitored,” said Tom Walsh, president of privacy and security consultancy tw-Security. “With ransomware now being offered as a service, it could also mean that the ransomware was being used by inexperienced attackers,” he said.

… Employing a managed security service provider to provide 24/7/365 monitoring is indeed important, Walsh said. “Many organizations are more vulnerable during the evenings/nights, weekends, and holidays when they have a smaller or no IT staff working.”

Walsh also said the use of data loss prevention to monitor and control the movement of confidential information across the network and endpoints and to cloud storage or cloud services can “identify and hopefully prevent unauthorized exfiltration of data.”

… Organizations also should store at least one set of backups offline, for confidential information in particular, said Walsh.

“This also helps when cloud-based backup systems have also been compromised or are not available,” he said. Walsh said organizations should segment backup systems from the rest of the network to prevent ransomware from spreading to backup servers and storage.

“Regularly test backup and recovery processes to ensure their effectiveness. Train the staff responsible for backups on best practices,” he said.

 

For more information or to schedule a FREE initial consultation – contact tw-Security.
Read More