Log4j Vulnerability Update – Dec 14, 2021

2021-12-14 Update

CryptoStopper security engineers continue to monitor the Log4Shell vulnerability closely. Extensive testing has been completed and we have confirmed no Log4j vulnerabilities exist within the CryptoStopper ecosystem.

Ongoing monitoring and testing will continue. Any relevant updates will be posted here. 

2021-12-10 Email Notification Sent to Partners

A zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228), which results in remote code execution (RCE), was made public on December 9, 2021. We are closely monitoring the situation and have not identified any systems within the CryptoStopper ecosystem vulnerable to the exploit.

All organizations using Log4j should update to version 2.15.0 as soon as possible. The latest version can be found at the Log4j download page.

Because of the widespread use of Java and Log4j, this is a serious threat to MSPs and software providers within the channel. Please verify that your systems and software providers are not vulnerable.

Left or Right of Boom? Cover All Your Bases with Cybersecurity

Military terminology can be a great descriptor for the various actions and approaches taken in the IT industry. A case in point is what some refer to as the “left of boom” and “right of boom” methodologies in the cybersecurity area, indicating the different ways companies protect their data and business systems. The former refers to the moments before a bomb explodes, while the latter is what comes after. Substitute “breach” into that equation instead of detonation, and you have the perfect way to describe cybersecurity approaches.

Left of boom covers all the typical prevention methods that MSPs employ to protect their clients before a breach, including implementing firewalls, encryption technologies, security awareness training, and multi-factor authentication. Cybersecurity risk assessment, vulnerability scanning, and other proactive evaluation techniques can also help minimize the growing threats that businesses face today.

Conversely, right of boom measures come into play after an incident. If a ransomware attack occurs or a hacker “strikes gold,” your clients will most likely look to their MSP for help, though today, most if not all of those plans should already be in place. However, no business should put too much reliance on reactive measures, especially if they value their data or need to meet certain compliance requirements. A single employee’s lapse of judgment could be extremely costly in those scenarios.

Bring Balance to the Boom

Like critical police and emergency services, the response to a cybersecurity incident is never instantaneous. Time is crucial. A few minutes’ delay could let cybercriminals steal or encrypt terabytes of data and corrupt scores of your clients’ business-critical servers and other computer systems. The ease with which ransomware pervades networks is frightening, and it can take days, if not weeks, to repair the technology-related damage. Losses due to downtime and hits on the company’s reputation may never be recovered.

“Right of boom” solutions are essential for minimizing your clients’ recovery time. However, heavy reliance on those measures can leave those businesses vulnerable to the smallest mistake or system failure. One misstep or outage could wipe out days of data. Without periodic testing, your clients could be in for a big surprise if ransomware were to infiltrate their critical business systems and applications.

Complete reliance on “left of boom” solutions is not the optimal choice, either. While investing in the prevention side of the equation is essential for eradicating critical vulnerabilities and deterring attackers, every organization needs failsafe options to remediate damage if anything does get through. Determined cybercriminals will find a way.

Striking a proper balance with investments on both sides of the “boom” is essential. A common MSP practice is to front-load cybersecurity, providing clients with more proactive measures that deter attacks while focusing on a few key remediation options to cover all the bases.

Cover the Middle Ground, Too

Left and Right of Boom provide great context for your cybersecurity strategies. Keeping it simple for non-techie clients is essential. Explaining that you have proactive measures and remediation options in place to cover the inevitable attacks can keep their eyes from glazing over. Throwing in the military jargon can liven up the discussion.

However, the situation may not be as clear-cut as a true left and right approach. There is a middle ground in cybersecurity: solutions and measures that work both proactively and reactively to mitigate the effects of an attack.

CryptoStopper fills that role for MSPs. Consider it a prevention control that swiftly responds to ransomware before it achieves its objectives, mitigating the impact on your clients’ data and systems. Automatically detecting and stopping actively running attacks protects the middle ground, saves your team and your clients a lot of time and headaches, and avoids the cost and embarrassment that often come with remediation.

CryptoStopper is that insurance policy for when ransomware breaks through the first hurdles. It sits in that cybersecurity sweet spot just to the left of boom before an attack can cause real damage. Are you covering all your bases on data protection? Drop the “boom” on ransomware today by partnering with CryptoStopper.

Constructing a Valued Cybersecurity Bundle

The ultimate defense is a myth. However, the growing anxiety about ransomware, phishing, and other cyberattacks is putting a lot of pressure on MSPs. How do you design the best protection packages for a wide array of clients? Given the shifting business and threat environments, that objective is becoming a bigger challenge every day, yet it is a task that every IT services firm must address.

The hard part for MSPs is striking a balance. How can you design, implement, and support a cost-effective portfolio to protect your clients from a rising list of threats? No two businesses, let alone industries, are the same today.

The difficulties of protecting those organizations, as well as your own – especially with the increasing risk of attacks on MSPs and their supply chain partners – seem to be escalating at breakneck speed. With all those increasingly complex challenges, how can an IT services firm ensure its portfolio is up to the task?

The first step is to instill a strong focus on cybersecurity across the spectrum. No system will ever be foolproof, especially when humans are involved. The threats are sure to morph into different and more powerful attacks, and no matter how great the protection, some are likely to break through one or more of the defenses. That’s the reality of the situation that MSPs are dealing with today.

Your efforts may not always be rewarded. However, developing an effective set of tools and practices is the only way to keep pace with cybercriminals and minimize the potential damage to the IT systems entrusted to your firm. Cybersecurity bundles are becoming an increasingly common solution.

If You Build it, Will They Come?

There is no surefire way to stop every attack, but that should still be the top goal for every MSP. Your clients want, need, and have the right to receive the best possible protection, though the latter point may be debatable if the businesses withhold payments or nickel and dime you to death. The challenge is to develop cybersecurity packages containing the applications and services that address the key requirements of all the businesses in your target audience (including prospects).

MSPs aiming to construct foolproof systems for each client will ultimately fail. Determined cybercriminals will find a way in and eventually breach even the most complex defense. The targets are shifting quickly as the dark side implements AI and other innovative methods to trick people or conquer the latest protection measures.

End-users are also increasingly susceptible to the deceptive methods being deployed by cybercriminals, forcing businesses and their IT services support teams to constantly develop more capable cyber defenses. While a “one size fits all” approach is not advisable for MSPs, building variable packages with a core cybersecurity offering helps to address different organizational needs and regulatory compliance requirements.

Bundling can enhance specific discipline areas or verticals or provide enhanced protection to clients with higher-value data or security needs (e.g., banks, financial institutions, or medical practices). The package approach simplifies sales and marketing activities and streamlines the discussions with less tech-savvy decision-makers.

Clients appreciate the benefits of bundling. Between all the moving pieces with technologies and support programs, and all the protection options, IT services and cybersecurity conversations can be quite taxing. Focusing on one or two potential bundles can improve the engagement and allow your team members to spend more time talking about upgrades in other areas of the client’s business.

The advantage of simplicity continues on the support side. Bundling reduces the available technology combinations, streamlining the troubleshooting and management processes for MSPs while reducing resolution times for your clients. Yes, easy is a mutual value proposition.

Cybersecurity Bundles for the Sales Win

A base and optional advanced protection package can simplify and speed your operations. The sales team can emphasize the benefits of each plan without droning on about the “speeds and feeds” of each specific piece of the technology. Bundling lets MSPs be creative, building a highly scalable offering or developing vertical or specialized packages that address each client’s particular risks and budget situation.

For example, a basic offering may include a network security and vulnerability assessment, email security and encryption, anti-virus and malware applications, patch management, backup and data recovery, and an anti-ransomware solution like CryptoStopper. MSPs may add more extensive encryption measures, monitoring, device management, and remote assistance to the core package or include them in their next-level bundles.

Advanced packages might contain valuable measures like URL filtering, cybersecurity audits and forensics, continuous data protection solutions, and AI-based monitoring. The range of offerings can get quite sophisticated depending on the specific needs of the MSP’s clients.

No matter which packages you offer, your cybersecurity standards should never be compromised. Each bundle must include the bare minimum solutions required to effectively protect that particular client. For instance, an MSP may only offer the top-tier plan for businesses that allow remote work or operate in heavily regulated industries. Non-profits or companies with lesser cyber risks can start with a robust but cost-effective base package.

Bundling should never be complicated. When properly designed and managed, these comprehensive yet streamlined cybersecurity packages can make life simpler for everyone and provide your clients with an effective and affordable way to protect their businesses.