article_ransomware.content.intro_1
article_ransomware.content.intro_2
GDPR Alert: Double extortion means attackers extract your data before encrypting it. AEPD fines can force technical bankruptcy.
The anatomy of the attack: Lateral Movement and Double Extortion
The hijacking of connected backups
If your network drive (NAS) is accessible from a compromised server, the ransomware will encrypt it within the first few minutes of execution.
The Double Extortion trap
You won't just be paying to recover your operations, you'll be paying to prevent your SQL databases from ending up auctioned on public forums.
article_ransomware.content.h3_3
At Kodia we bet on fortified environments and network segmentation to cut off malware propagation paths.
Traditional Backup
Vulnerable to lateral propagation and deletion by compromised administrators.
Immutable Backup
Hardware-locked (WORM). Impossible to encrypt or prematurely delete.
Are your backups exposed?
We perform OWASP-based attack simulations to shield your infrastructure.
Request AuditSelf-Hosted Infrastructures: Retaking control
article_ransomware.content.p_4
article_ransomware.content.p_5
Preguntas Frecuentes
Q. What is double extortion?
A.It's when they steal your data before encrypting it to blackmail you with its publication.
Q. Is my NAS secure?
A.Not if it is permanently mounted on the network; malware will find it easily.
Q. What is an immutable backup?
A.A backup that cannot be modified or deleted by anyone for a fixed period of time.