How to Prepare for a Ransomware Attack

By now you’ve surely heard of ransomware, a type of cyber attack when “cyber kidnappers” take your computer or network hostage and infect a computer or computer system with a virus that locks all the files and programs. The only way to unlock the files and read them again is to use a key or code, which is given upon receipt of the ransom payment.

So how do you prepare for a ransomware attack?

Planning, planning, planning. You must have a plan and assume the worst can and will happen. According to the Herjavec Group, the amount paid out by victims of ransomware in just the first three months of 2016 came to a total of $209 million. The report suggests that at that rate, the total cost of ransomware is set to reach $1 billion for all of 2016.

Here are some quick tips:

  • Build a comprehensive backup solution, backup often, and test the solution. Backup your computer and file systems, drives, etc. in the cloud – one that will not be infected or linked to your current computer system. You may even create a full backup to a removable drive of some kind. The bottom line is if your files get encrypted, you don’t have to pay the ransom – you just restore the files. Most businesses back up, but some have not tested whether or not these backups work in an emergency.
  • Have a disaster recovery plan. If creating the backups is the beginning of the plan, have steps to continue implementation. Who will be responsible for removing the virus and reestablishing the file system? Is it someone in your IT department? Is it a contractor or third party? Always know what which steps to take – this will keep things running smoothly, and most importantly avoids a sense of panic in a tough situation.
  • Use a layered security approach, with all endpoints protected, as well as protection at the mail server and gateway. If you can stop these things from ever showing up in an end user’s mailbox, you’re ahead of the game.
  • Educate your employees. One of the most popular vehicles for ransomware is a phishing email telling the user they have an invoice that requires payment. If employees recognize such emails, they will know not to open or respond to them, but instead report them to their information security team.
  • Run risk analyses, and patch vulnerabilities, especially on browsers, browser plugins, and operating systems. Information security teams should be savvy enough to continuously run penetration tests to hunt for vulnerabilities.

Planning and taking quick action are the best ways to avoid a serious problem from ransomware. If your organization is not sure where to start, a cyber security provider like Neovera can easily help you create a cyber security strategy that will increase your cyber security posture and protect your business from the consequential costs and reputation damage caused by ransomware and other cyber attacks. So plan accordingly and take action now to make sure you’re in the clear when disaster tries to strike.

Get a Disaster Recovery Plan. NOW.

In business, disruptive events do not know size or industry – they can happen to organizations at the drop of a hat, with most of the affected parties not having a clue as to how to react. This is where a disaster recovery plan comes into play; though no one ever wants to use it, it’s better to be safe than sorry. With that being said, a good starting point for creating your disaster recovery plan is understanding and having answers to the following points:

  • How employees will communicate with one another
  • Where they will go to resume work
  • How employees will continue to work

A great place to start is with a Business Impact Analysis (BIA), which identifies and evaluates the potential effects of a disruption to business functions and processes. This is perhaps the most critical part of your disaster recovery plan because it identifies what you could lose if disaster strikes and threatens your business infrastructure.

Impacts could include:

  • Loss or delay of sales or income
  • An increase in expenses to fix the issue
  • Customer dissatisfaction and abandonment
  • Increase in marketing costs to bring back customers

It is important to adequately plan for an emergency. Think about it this way: your office building probably has a sprinkler system in case of a fire. Use the same concept when approaching those “what if” disruptive event scenarios – essentially, you need to have a sprinkler system for your infrastructure and data in case of a potential disaster. Just like you would test the sprinkler system every month or so, you need to complete daily data replications and backup management for your critical data to ensure it continues to live on despite whatever event may come about. With Neovera as a partner, your disaster recovery plan is well-equipped with a team of experts on-hand 24x7x365 to assist with any and all spur-of-the-moment issues that may arise. Not only will they know the ins and outs of your disaster recovery plan, but they will have a great understanding for the vital data and infrastructure that is at stake.

If you’re reading this and questioning to yourself if you have a disaster recovery plan for your physical and/or virtual environments, chances are you don’t. Get one. Quickly.

Five Advantages of IT Consulting

Most organizations will face the question of whether or not to consider investing in IT consulting, keep operations in-house, or simply outsource their entire IT environment. The truth is, not all organizations know exactly what they’re doing when it comes to IT and it can greatly slow their growth and progress – and cost them a lot of money. There are many advantages to turning to an IT consultant to help your IT goals align with your overall goals.

Below we’ll discuss five advantages of IT consulting and how each can help your organization succeed.


This may be one of the lesser talked about advantages to IT consulting. While there are only so many hours in a day, week, month, or year, you can use your time more wisely. It takes time to recruit the proper talent to fill your IT department, it takes time to implement good IT practices, and it takes time to manage all the things that come with IT. Hiring a top IT consultant can help you reduce the time it takes from concept to implementation: they’ll be familiar with best practices, security compliance, infrastructure, and how to make sure your IT environment is helping your bottom line.


One of the main concerns is the cost of maintaining a top IT infrastructure. This can be especially daunting if you’re unsure of what you’re doing or you make some mistakes along the way. While growing pains are often part of doing business, it’s entirely possible to mitigate them and reduce costs in the process. Some organizations have seen a reduction in IT costs of 30% or more! By reducing the cost of IT you can use the increased revenue to invest in IT or other aspects of your business. Not only can you reduce the cost of resources, but you can lessen the risk of major disasters that can cost your company time and money.


Your data and infrastructure’s security is imperative to maintaining a successful business in an ever-evolving digital world. We’re all aware of the threat of data and security breaches including from some of the country’s largest companies. IT experts and consultants will be familiar with all types of businesses, all types of data, and the different ways to secure what’s most important to your business. They’ll be able to perform a security risk assessment on your current infrastructure and find ways to not only improve your security but make sure you’re compliant where you need to be. The threat of a virtual attack isn’t going away, so it’s important to have the proper security you need to avoid an attack that can cost your business big time.

Disaster Recovery

Things happen that aren’t always good for business. When a disaster occurs it’s important to know what to do, how to do it, and who is responsible for certain tasks along the way. Having experts at your side can and will make this process much less stressful. What is most important in the face of a disaster is recovering your data rapidly so you can continue doing business. An expert IT consultant will have multiple recovery options to minimize downtime, and a number of cloud and replication options.

Clean Infrastructure

Though it isn’t easily obtainable, an expert IT consultant will provide a holistic infrastructure assessment allowing you to enhance operational efficiency, increase security, cut costs, and achieve compliance guidelines. In essence, this brings all the other advantages together in one. You’ll be provided with a best-fit solution for your IT needs as a company like Neovera will conduct a thorough assessment and gap analysis of your core infrastructure, including architecture design, implementation and migration services.

Having proper IT consulting is a major make or break point for any organization’s operational efficiency. While every incident is not completely avoidable, having the correct protocol in place will allow your business to continue to operate during the solution process. Neovera’s promise of 24x7x365 bespoke IT consulting allows companies to rest assured that their data is secured and protected.

Disaster Recovery: When Ransomware Strikes

Ransomware attacks are skyrocketing in popularity – approximately $1 Billion spent in 2016 alone to free networks and data from hackers’ grasps. Ransomware attacks occur when a hacker infiltrates your network, locks up everything and demands payment in return for the digital key. If that demand isn’t met, everything you’ve worked on goes out the window. And, while backing up data prior to an attack occurring is a great way to take some of the power away from cyber attackers, it shouldn’t be the only weapon in your disaster recovery arsenal.

There’s a lot to take into account when it comes to creating a disaster recovery plan. Not only do you need to identify and locate critical systems, but a review process should be in place to make sure nothing is in immediate danger from threats, natural or manmade. When a disastrous event occurs – anything from an “act of God” to a debilitating ransomware attack – short and long-term plans need to be mobilized immediately so that your business can continue uninterrupted. As a full-service monitoring and management IT solutions firm, Neovera is able to provide its clients with round-the-clock service if they find themselves dealing with an unruly ransomware attack:

  • BUSINESS CONTINUITY – Ensure business critical data and processes are secured with minimal downtime.
  • CUSTOMIZED FLEXIBILITY – Neovera supports multiple DSR options for cloud and physical environments ranging from customer-provided to full turnkey solutions.
  • EXCEED EXPECTATIONS – Multiple recovery options enable rapid and efficient recovery of resources.
  • SECURE REPLICATION – Numerous levels of data protection for virtual and physical infrastructure ranging from tape backups to real-time replication.
  • UNMATCHED EXPERTISE – We have the technical expertise and resources to develop cost-effective solutions that deliver 24x7x365 failover protection.
  • SITUATIONAL AWARENESS – Our engineers will perform a complete business impact analysis to develop the optimal solution to protect your critical information and prevent unforeseen events.

Ransomware attacks rose by nearly 26% from 2015, according to the FBI – and with the odds of an attack becoming that much more possible, the time is now to create a disaster recovery plan that supports both short and long term business solutions for your organization’s specific wants and needs. Neovera has over 15 years of experience providing 24x7x365 monitoring and management support to businesses of all types while staying one step ahead of the latest cyber threats.

Healthcare Behemoth Hit by Malware Attack

News of MedStar Health’s malware attack, as reported on Monday, was at first met with shock and then a resounding (albeit internal) “Again?!”. Unfortunately a lot of healthcare providers across the country have been hit with varying degrees of ransomware attacks. Whether through spear phishing campaigns or corrupted websites, these hackers were not only able to infiltrate and lock down vital systems, but managed to extort the ransom money from almost every targeted hospital or medical provider. Now, with this malware attack stalling not only MedStar’s 10 hospitals but 30,000 in staff and an additional 6,000 affiliated physicians, what steps are providers going to take to reduce the attack risk and why are healthcare systems still prime targets?

Here are the basic facts: early Monday morning, reports began rolling in about a malware attack on MedStar’s network, which forced an entire shutdown to determine where the attack originated, what it had infected and what could be done to get rid of it. Though the organization maintains no patient data was stolen or compromised, employees mentioned seeing demands for payment in exchange for their computers being unlocked. Currently, they are still working to get the network’s full functionality back – meanwhile, patients were not able to get the care they needed and doctors weren’t able to work with the efficiency they value since the records were trapped in technological limbo.

On an aside, it is important to note that this is the third such malware attack of this caliber to happen this year alone. The attack on a California hospital was traced back to the ransomware strain “Locky”. Since the hospital didn’t have their files backed up, they paid a ransom that amounted to $17,000 in order to gain access to their files again. The same thing happened to another healthcare organization in Kentucky – ransomware locked the networks and demands were made to the tune of thousands of dollars. Unfortunately the healthcare industry is easy pickings for thieves and corrupt computer pirates using a malware attack, considering the lack of funding or even time that these networks receive to make extremely necessary updates so security standards are able to protect against outside intruders.

Though nothing can be done with MedStar’s current situation, their future can be much more secure provided that cyber security takes a larger role in the day-to-day. Most assume that the initial breach’s causation had to do with an errant link in an email, or otherwise corrupt website. Along with personnel awareness and additional cyber security training, there are many other options that can continue behind the scenes in order to keep these hospitals running smoothly. And while this is an unsettling way to learn a lesson about cyber security, it is one that the whole healthcare system should take note of. Though HIPAA compliance is extremely important, protecting a patient and their data from getting into the hands of a criminal online is equally so.

Is Paying the Ransom in a Ransomware Attack the Right Move?

There has been some debate recently about what to do if you are attacked with ransomware. Ransomware is a form of cyber attack that loads malware into computer systems that encrypts the files. The only way to break the encryption is with a “key”. The only way the key can be obtained is to pay a sum of money, or ransom.

Those that perpetrate ransomware often threaten that if the ransom is not paid within a certain timeframe all the files we be deleted permanently.

For many businesses or other entities losing all of their files would be debilitating, causing many to fold up shop. For them the only recourse is to simply pay the ransom. This brings up another problem though.

If you pay the ransom, what is stopping another attacker from exploiting you, especially now that they now you’ll pay up when asked?

In 2015 a Swiss-based company called ProtonMail was the victim of a ransomware attack. What did they do? They paid the ransom. What happened next? Another attack.

ProtonMail stated they made a mistake paying the first ransom and put out a statement saying they would never pay another ransom to future attackers – “it was clearly the wrong decision,” they said.

Recently, another organization paid a hefty ransom to release their systems from the grasp of ransomware. Hollywood Presbyterian Medical Center was the victim of ransomware that crippled their systems. The attackers wanted 40 Bitcoins ($17,000) for the decryption key. Just as ProtonMail did, Hollywood Presbyterian paid the ransom.

So far Hollywoord Presbyterian has not reported any additional attacks, but it’s only been a short time since they paid.

Ransomware attacks have become more prevalent in recent years as traditional cyber attacks have become more difficult to perpetrate – although that hasn’t stopped them from occurring, of course.

Thwarting ransomware attacks isn’t as tricky as it might seem though. The best way to guard against a ransomware attack is to keep offline or separate backups of your files and data. If you are the victim of a ransomware attack you can avoid paying the ransom and restore your data using your offline backups.

Of course, having a full suite of defenses against cyber attacks is a great strategy. Focusing on one aspect is sure to open you up to attacks in other areas. Having a full plan of attack – no pun intended – against ransomware and other methods is sure to set you up for success.

How Often Should You Perform Database Backups?

Backing up critical data is an extremely important aspect of any business’ infrastructure, and technological advancements have made it easier to do so, thereby restoring your company to its normal status after data loss. However, many companies aren’t sure how often to back up their data, or what data to back up. We’ll answer those questions.

First, a database backup is essentially a direct copy of the data – a backup is used to recreate lost information or files within the database when the originals have been lost or corrupted. In many databases, as explained by Oracle, “this copy includes important parts of your database, such as the control file, archive logs and datafile-structures”; database backup is imperative in recovering your data.

Consider this: the second quarter of 2015 saw more than 4M samples of ransomware attacks, over 1M of which were new in comparison to 2014, and those numbers are only expected to increase drastically. A threat to both public and private sectors, hackers will hold your data hostage until they are paid in exchange for a key that frees your information. If you have these files backed up on a separate drive, they immediately become less important to you, making it less likely that you are willing to pay anything to the hackers in question. Even a few minutes of downtime can be detrimental to a large company or organization, so it is important that you can recover and restore the data as quickly as possible.

Ok, so you now know that backing up your data is a critical part of running a successful business. But how often is necessary when backing up your data? Another great question, of course, but the answer is not so simple. The frequency of backups should be tailored around your business requirements. If you’re unsure how often your organization needs to backup, you should rely on professional engineers to create a data recovery plan and perform daily data backups. Having backup management services in place not only protects the virtual investments you’ve work so hard to build, but also helps eliminate daily management risks while increasing productivity. Partners like Neovera can ensure your business runs smoothly and help you avoid the technology headaches.

Ransomware: What Is It, and How Big of a Threat Is It?

As the snow fell along the East coast this past weekend, I was reminded of the celebrated movie Fargo. Nothing goes to plan as the main character solicits two bumbling crooks to kidnap his wife, hold her for ransom and then collect from his wealthy father in-law; naturally, chaos ensues. The world of computing has a similar feel these days: while it may not be full of snowflakes and sub-zero temperatures, it has plenty of virtual kidnappers.

One way “cyber kidnappers” can take your computer or network hostage is through ransomware, a newer type of cyber attack that infects a computer or computer system with a virus that locks all the files and programs. The only way to unlock the files and read them again is to use a key or code, which is given upon receipt of the ransom payment.

For instance, a cyber criminal will infect a company’s network with a virus that makes applications and files inaccessible, with a note attached to each file detailing how and when the ransom should be paid in order to gain access. This type of attack is covered in an episode of The Good Wife, where the law firm’s computer files are put up for ransom; they pay the ransom and all is well again. However, that’s not always the case in the real world, despite what the FBI and other agencies may suggest. Paying the ransom can just lead to more payment demands, or more viruses. I mean, if you pay once, the criminal can only assume you’ll do it again, right?

How do you fight against ransomware?

Planning, planning, planning. You must have a plan and assume the worst can and will happen; it’s only a matter of time before you’re hit by a crippling cyber attack.

First, make sure you backup your computer and file systems, drives, etc. someplace like the cloud – one that will not be infected or linked to your current computer system. You may even create a full backup to a removable drive of some kind. If you do this consistently it’s actually quite easy to get back up and running from a ransomware attack without too much, if any, damage. Plus, you can avoid paying the hefty ransom – which you certainly don’t want to do.

Secondly, have a disaster recovery plan. If creating the backups is the beginning of the plan, have steps to continue implementation. Who will be responsible for removing the virus and reestablishing the file system? Is it someone in your IT department? Is it a contractor or third party? Always know what which steps to take – this will keep things running smoothly, and most importantly avoids a sense of panic in a tough situation.

Third, don’t think it can’t or won’t happen to you or your business. It could happen to anyone, anywhere, anytime. It is estimated that in 2015 alone ransomware accounted for more than $25M in transferred funds from those infected to those who created the ransomware. That’s a lot of infected computer systems and a lot of people simply paying the ransom, probably more than once.

Planning and taking quick action are the best ways to avoid a serious problem from ransomware. So plan accordingly and take action now to make sure you’re in the clear when disaster tries to strike.

Cloud Migration: Four Key Benefits for your Company

Saving your data in the cloud could save your company in more ways than one – the rise of cyber crime and the increasing need to store more and more data makes companies and individuals susceptible to data theft, corruption, or loss. Many businesses will back up data with a secondary, external hard drive, or a central server. However, if your data storage becomes vulnerable, it is imperative to have a backup plan. In this particular instance, moving to the cloud allows for a more scalable environment that continues to grow alongside your business needs.

Four benefits you can expect immediately after moving to the cloud:

  1. Cost Savings: When you run your own servers, you’re looking at up-front costs: in the world of cloud-computing, that initial hardware investment is taken care of by the cloud provider. Additionally, you can reduce your IT department’s size and money spent on storage costs as a result of moving to the cloud. Furthermore, redistributing IT resources to areas that focus on business growth and not maintenance is another payoff for migrating your company’s data to the cloud.
  2. Storage Capacity: The cloud grows in stride with your data, and you only pay for the space your data is inhabiting at a given time. For as little or as much space as is necessary for your company, not only is it available but you won’t ever have to worry about going over a set storage limit (there isn’t one!).
  3. Improved Operations: You can access your data anytime, and anywhere. Downtime for server updates and maintenance will be a thing of the past, and your business will thrive with the extra time available.
  4. Security: Cloud providers make it their mission to ensure the safety of your information. Databases in rural locations with strict entrance protocols ensure that much, and not to worry if there happens to be a breach – alarms will sound and your cloud provider should be able to provide your company with 24×7 failover protection in emergency situations.

Cloud computing could become one of the most important pieces in your business arsenal. On-premise hardware with limited storage capacity that your own IT team needs to maintain is a thing of the past and puts a hard stop on any business development if there happens to be a technological glitch or breach. Grow your business with the cloud and experience the limitless possibilities.

Notable Breaches: The What, Why, and How to Avoid Them

Online breaches have become a significant part of the discussion when it comes to protecting consumer and organization data across multiple industries – from government groups to private companies and beyond, it seems like no one is safe from prying, anonymous hackers stationed around the world. We rounded up some of the more telling breaches, taking a look at how certain events came to fruition and tips on avoiding them in the future.

Company: Scottrade
Industry: Financial

Scottrade faced an attack sometime in late 2013 to early 2014 where hackers were able to access client names and addresses through the company’s website. Other sensitive information – email addresses, Social Security numbers, and more – could have easily been accessed and manipulated; however, the FBI concluded that the attackers were not interested as their aim may have been to perpetrate stock scams. Now remember how the attack originated in late 2013 to early 2014? Scottrade didn’t disclose the extent of the attack until October 1, 2015. They waited at least one and a half years to inform their customers of the egregious breach and that their personal information may have been compromised.

Company: Patreon
Industry: Commercial

Patreon is a crowdfunding site connecting artists with their supporters in order to fund their next creative project. Unfortunately, the site’s data was dumped onto the Internet on October 1, 2015 – data that included the website’s source code along with email addresses, account passwords, and private conversations between users of the site. Over 2.3 million email addresses and 15GB of data were discovered by the watchdog site Have I Been Pwned?, one of which happened to be the founder’s contact information.

Company: T-Mobile
Industry: Telecommunications

T-Mobile’s case is an interesting one in that it isn’t just an unnamed individual or group from the depths of the Internet. From September 1, 2013 to September 16, 2015, data was stolen from one of the servers by an individual without authorized access; the breach was not even noted until September 15, 2015, over two years after the initial start point of the attacks. Interestingly enough, the data – which included names, social security and identification numbers, addresses, dates of birth – was held by credit reporting agency Experian and was immediately blamed by T-Mobile.

Despite spanning multiple industries and types of intrusions from outside sources, these three cases all have one major theme in common: delayed discovery of the breach and a lack of proper reporting time to those affected. Scottrade took at least a year and a half, T-Mobile two years….you get the idea. A client of any company is giving their most valuable asset away – their distinguishing personal data – and, when in the wrong hands, their lives online or in-person come to a screeching halt. Unfortunately, many companies fail to heed the very obvious about security and data breaches; it’s not a matter of if, but when. In order to sidestep the heartache and confusion of dealing with this unfortunate scenario, take the preventative next steps and invest in actionable threat intelligence before this happens to your organization’s critical data.