RedShift Networks Helps Customers Proactively Prevent Costly Ransomware Incidents Across Voice And Data Networks

More than 100,000 enterprise IT email and collaboration accounts are compromised every day via phishing attacks. The goal of these phishing attacks is to insert Ransomware in the enterprise network as cyber criminals, scammers, look to exploit stolen credentials as quickly as possible to get access to the company’s critical information and financial assets. These compromised accounts are then manually accessed within 12 hours of the username and password being leaked on the dark web.

Ransomware operates because of malicious unauthorized access to enterprise applications, and ultimately locks up a user’s data. Scammers typically demand money in order to get a key to unlock or return the affected service and/or data. Recent ransomware payments help other malicious groups consider additional efforts to exploit both voice and data systems since owners show willingness to capitulate to ransom demands and pay millions in funds.

Ransomware attacks have become so prevalent that ransomware-as-a-service platforms have enabled virtually anyone who has dark web access and a bitcoin wallet to become a ransomware operator.  Another area of concern is that some scammers are now making a common practice to exfiltration a significant amount of data before they do the ransom execution. And have full access to the enterprise’s financials. Scammers can literally paste screenshots of their QuickBooks.  Some scammers, known as “string alongs”, will encrypt two or three keys and sell one key, not release the ransomware and then extort the enterprise again for the next key.

Ransomware Prevention Across the Voice and Data Network

White House Cybersecurity officials told SC Magazine that cyberattacks caused as much as $10 billion in global damages. A large portion of those damages is attributed to Ransomware. Fortunately, there are ways to minimize ransomware from attacking both the data and voice portions of the business. This paper describes preventative measures and a few best practice examples for remediation.

SANS Institute researchers note ransomware has cost the global insurance industry around $2.7 billion in payouts. “The speed of such attacks, along with their growing frequency and efficiency as well as the second and third order effects they can have on customer data and service delivery for other stakeholders in the supply chain, forced a broader reevaluation of how to treat the problem.”

Protecting the $167 Billion Unified Communications Network and Applications

By 2025, the market for UC or unified communications is forecast to reach $167 billion. The potential for UC hacking and ransomware impacts employees, shareholders, and even clients involved in a wide variety of conversations. The FCC has proactively set June 2021 as the date for a new proactive malware protocol called the FCC 2021 STIR/SHAKEN standard to help clients prevent and remediate unwanted spam, robocalls and ultimately ransomware.

Protecting all aspects of the enterprise network is essential to minimize phishing, malicious exploits, and ultimately ransomware. For example, Call Center operations are an essential part of most large enterprise’s business. If a Call Center shuts down, the enterprise stands to lose voice contact with customers and likely millions of dollars in future revenue. Once aware of the potential voice attack vector, one carrier recently contacted RedShift Networks with the details of the attack, seeking help to resolve the situation. Detailing a broad framework for preventing ransomware, including this voice approach was the goal of the recent 81 page report from the Institute for Security and Technology. This report includes details on Managed Service Providers (MSPs) covering IT and security functions for organizations with an inability to invest in either in-house expertise or technologies.

RedShift Networks offers customers patented granular algorithms that detect and thwart a host of unique UC SIP based DoS attack vectors and ransomware exploits. SIP is an accepted and widely used protocol based on more than 43 IETF RFCs. SIP messaging methods are often used to generate a Telephony Denial of Service (TDoS) or DDoS attack. These types of TDoS attacks quickly bring down a call center and wreak havoc plus lost revenue including ransomware damages to an enterprise whose business depends on their call center operating at peak performance.