I wrote a series of papers for TechTarget, sponsored by Veeam, mainly about ransomware. Here are links to download each paper (reg. req.):
- Understanding different types of phishing attacks. As we all know by now, all it takes is just one phishing message to slip by our defenses to ruin our day. Just one click, and an attacker can be inside our network, connecting to that single endpoint and trying to leverage that access to plant additional malware, take control over our critical servers, and find something that can be used to harm our business and steal data and money from our bank accounts. In this paper, I talk about the many different variety of phishing attacks and their increasing sophistication.
- How the role of backups have changed in the era of ransomware. (see this pdf) The role of backups has changed in the modern era and this paper describes this evolution. As attackers are getting smarter and more focused, IT managers have to also change with the times. Attackers are getting more adept at penetrating networks, necessitating that backups have to become more sophisticated and cover a multitude of circumstances, threat models, and conditions. And as we change the way we work, the way we consume data, the way we build our business computing systems and the way they depend on more complex online systems, we need to change the way we make backups too.
- Tips on defending your network against ransomware. (See this pdf) Defending your network and preventing your users from getting infected with ransomware means more than just implementing various firewalls and network intrusion systems. It is about creating a culture of being resilient. It is developing a concerted backup and recovery process that will cover your systems and your data assets, so they will be protected when an attack happens and your business can return to an operational state as quickly and as inexpensively as possible. In this paper, I share some tips for making your systems more resilient.
- Fighting ransomware with tape and cloud: a backup field guide. (See this pdf) The old standby of data protection, tape backups, is still alive and well in many IT shops. Ironically, it is making a resurgence because of ransomware and other malware attacks. We don’t know what tomorrow’s threats will look like, and there is a lot of risk to having something online that is connected to a network with these types of threats today. While tape has had a long history as a backup medium, the cloud can complement tape backups too, as I describe in this paper.
- Steps to an effective phishing defense program. (See this pdf) When it comes to defending your network, many enterprise IT managers tend to forget that it is the people behind the keyboards that can make or break their security posture, and sometimes the people matter more than the machines. Phishing is happening all the time, to every organization. The trick is understanding this dynamic. I describe four different steps you can take to improve your defenses.
- The story of how the city of Atlanta reacted against a ransomware attack at the end of March 2018 is instructive both in terms of what not to do and how expensive such an attack can become. The city actually experienced two separate attacks, one that began March 22 and another on April 5. My paper describes the series of events and how the city got attacked.