Last month, Alvaka COO and CISO, Kevin McDonald, sat down with the Miles Jobgen of the CompTIA Biz Tech Podcast to share his experiences with rescuing and restoring clients from ransomware—the most dangerous threat to IT solution providers today. He also discussed best practices and actions that everyone should be taking to minimize ransomware risk. Below are some of the key takeaways from the interview.
Miles: “Do we see something different coming from the ransomware side, and then at the same time, are there maybe technical innovations on good guy’s side to help us kind of fight this?”
Kevin: “Yes, and yes. In fact, they are getting much more sophisticated, they’re much more patient. The bad actors are spending a lot more time, they’re shooting for bigger targets, and they’re learning the social behaviors [of the company]… They often will calculate what they think you are as a company, how much money you have in the bank, or insurance coverage, and they make the ransom fit what they think you can pay.”
Kevin: “When you have ransomware and you don’t have a self-isolated or air gapped backup that’s been defended against, you very often are not going to come back from ransomware. And we’re seeing a substantial number of businesses just disappear.”
Kevin: “My biggest frustration is people think they can insure against ransomware – you cannot. They think they can do a local backup against ransomware – you cannot. These guys are getting a hold of administrative and domain level credentials, taking over entire networks…so if you are logical about it, they can do anything that you can do with administrative functions, which means deleting your backup or overriding it, or corrupting it in some way.”
Miles: “What about internally? What should they [solution providers] be doing to make themselves less of a target, or at least a more difficult target?”
Kevin: “Starting with the basics […] patching your own systems […] applying MFA to critical functions like active directory and your domain controllers and things that are critical to gaining a foothold, taking away local administrative rights from everybody […] even executives.”
Click HERE to listen to the full podcast!