Cybersecurity - The Ransomware Threat

On October 25, 2022, CôloBale AG was a participant of the Cyber-Security Event of ProCloud AG in Widenmoos Reitnau.
There, it could be learned that the topic of cyber security is unfortunately still given too little attention in most companies. Sophos published a survey in which it was made clear that 60% of Swiss companies were affected by ransomware attacks in 2021.

 

What is Ransomware?

Ransomware (Ransom = ransom / Ware = software) is called extortion software, or encryption Trojan by experts. With the help of ransomware, data is encrypted indissolubly for the user and he only regains access to it when he complies with a ransom demand. There are many different types of ransomware, the two best known being screenlockers, which lock the screen, and file encryptors, which encrypt data on the computer.
You often do not realize that you are affected by such an attack until the screen is already blocked or a ransom note appears that cannot be closed, because some ransomware variants have an incubation period. Thus, the damaging effect only occurs when the user no longer remembers where he might have caught the virus.

The ransom demands averaging 84,000 Swiss francs are only a small proportion of the costs incurred by a company after a ransomware attack. On average, the cost of a recovery for Swiss companies is 1.5 million francs, according to the survey. Furthermore, it takes at least one month on average to repair the damage of the business interruption.

 

Tools from the Darknet

Patrice Steiner, cyber security specialist and co-founder of ProCloud AG, demonstrated at the event how easy it is to procure hacking tools on the Darknet. The required tools can be purchased like in an online store with a few clicks and around 10 USD. This illustrates how important it is to protect against such attacks.

 

Physical security at the ColoBâle AG data center

The video-monitored and earthquake-proof data center of ColoBâle AG on the Magnet site in Pratteln, which is equipped with an electronic access system for the main entrance and the server rooms, forms the physical foundation for cyber security. The installed diesel generators guarantee stable and reliable power supply to the customers' IT systems even in the event of grid shutdowns triggered by power shortages.


NIST-Framework

There are various ways to protect against cyber attacks. ProCloud AG works according to the NIST-Framework, which was published in 2014 by NIST - the National Institute of Standards and Technology. The NIST framework is easy to understand and combined with the high substance, it quickly spread to the private sector. ProCloud AG is committed to a 360° view and consulting and offers products for all phases of the NIST.

Identify: What needs to be protected?

Protect: What measures do I use to protect the identified objects and data?
Detect: How do I recognize an incident if the protective measures were not sufficient?
Respond: How do I react during an incident?
Recover: How do I get back into the "modus operandi" and what are the reworks?

 

You can find more information about the company ProCloud AG here.