Ransomware is a never-ending battle that all managed IT services firms in Birmingham must fight. In order to stay ahead of cybercriminals who are constantly learning new ways to breach systems, you must surround yourself with IT experts and implement modern security layers.
Here's the story of a recent ransomware variant called Phobos:
Origin of Phobos Ransomware
Phobos, named after the Greek god of fear, was discovered in December 2018 by cybersecurity firm Coveware. Apparently, it was based on a combination of Dharma and Crysis ransomware. Phobos uses the same attack vector as Dharma, which targets open or vulnerable Remote Desktop Protocol (RDP) ports. The FBI issued a warning in September 2018 that business owners need to secure these ports to counter growing attacks.
Like Dharma, Phobos infects a computer and then encrypts its data, marking the encrypted files with the “.phobos” extension. It uses the same ransom message, similar code, and the same antivirus detection module. Investigators believe Phobos was created by the same authors as Dharma and Crysis. The main differences are the new logo and encryption extension. Researchers believe Phobos is designed to act as an attack backup to Dharma.
Now that Phobos is imitating the two most dangerous types of ransomware of the past year, managed IT services firms in Birmingham need to alert clients. If your IT consultant isn't informing you about such serious threats, it's time to find one that's more proactive. Europol's Internet Organised Crime Threat Assessment (IOCTA) of 2018 warns that ransomware is still the top threat to businesses and can potentially lead to millions of dollars in losses.
How to Block Phobos
Every business should have a plan to deal with cyber threats for both prevention and recovery from an attack. Since ransomware is commonly distributed through email, employees should be trained on how to spot suspicious emails, which tend to use URLs similar to those of national brands. Employees should be made aware that employee error is what attackers count on.
Backing up all your critical data on a regular basis is the absolute key to protecting your digital assets from being destroyed. You need at least two backups to your main server, ideally with one off-site. As long as your data is saved in safe places, you won't have to worry about attackers threatening to corrupt your data.
Other measures to ensure hackers can't get into your system easily include securing RDP ports, using firewalls, and avoiding simple passwords. You should also enable Network Level Authentication (NLA) and keep remote access limited.
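To check where a Windows machine stands on the RDP measures above, here is a read-only audit added as an example (it is not from the original article). It assumes an elevated PowerShell 5.1 or later session on the host being checked and an English-language Windows install, where the built-in firewall rule group is named "Remote Desktop".

```powershell
# Added example: read-only audit of local RDP exposure. Changes nothing.
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = "$ts\WinStations\RDP-Tcp"

# fDenyTSConnections = 0 means Remote Desktop is switched on.
$rdpEnabled = (Get-ItemProperty -Path $ts -Name fDenyTSConnections).fDenyTSConnections -eq 0
# UserAuthentication = 1 means Network Level Authentication is required.
$nlaRequired = (Get-ItemProperty -Path $tcp -Name UserAuthentication).UserAuthentication -eq 1
$port = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber

# Enabled inbound allow rules in the built-in "Remote Desktop" group
# (display group name assumed to be the English one).
$rules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' }

# Rules whose remote address scope is "Any" accept connections from everywhere.
$openToAny = @(foreach ($rule in $rules) {
    $remote = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    if ($remote -contains 'Any') { $rule.DisplayName }
})

# Accounts allowed to log on over RDP: BUILTIN\Remote Desktop Users (well-known SID).
$rdpUsers = @(Get-LocalGroupMember -SID 'S-1-5-32-555' -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty Name)

$findings = @()
if ($rdpEnabled -and -not $nlaRequired) {
    $findings += 'RDP is enabled but Network Level Authentication is not required.'
}
if ($rdpEnabled -and $openToAny.Count -gt 0) {
    $findings += "Firewall allows RDP from any address: $($openToAny -join '; ')"
}
if (-not $rdpEnabled -and $rules) {
    $findings += 'RDP is disabled but its firewall rules are still enabled.'
}

[pscustomobject]@{
    RdpEnabled     = $rdpEnabled
    NlaRequired    = $nlaRequired
    ListeningPort  = $port
    RulesOpenToAny = $openToAny
    RdpUsers       = $rdpUsers
    Findings       = $findings
}
```

Group Policy can override the local registry values read here, and a perimeter firewall or router may expose or block the port independently of the host firewall, so treat the output as the host's own view only.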
Every managed IT services team in Birmingham needs to keep up with robust security to prevent hackers from disrupting your network. Contact us at ION247 to learn more about protecting your data.