{"id":5962,"date":"2020-02-05T17:51:17","date_gmt":"2020-02-05T17:51:17","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5962"},"modified":"2021-04-08T17:55:28","modified_gmt":"2021-04-08T16:55:28","slug":"maze-ransomware-threat-businesss-security-and-reputation","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation","title":{"rendered":"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation"},"content":{"rendered":"<p>Ransomware began simply\u2014a criminal would send a piece of malware that locked up your system unless you paid them a ransom. If you had a good backup in place, you could revert your system to a known safe state and get back up and running fast. Over time, the industry did a decent job of using strong backup to protect their data and systems, and we saw some decline in this basic level of ransomware.<\/p>\n<p>As a result, we have seen ransomware trends shift. In some cases, criminals have started to extend their paydays by leaving behind other problematic pieces of software after the ransomware infection is over (such as cryptominers). We have also seen the\u00a0<em>targets<\/em>\u00a0of ransomware shift. This has been one of the biggest shifts over the past two years. While cybercriminals still target individuals and small businesses, they have increasingly attacked small town governments. Unfortunately, these organizations lack the resources and agility of their corporate counterparts and can often get taken down for days by a major ransomware attack.<\/p>\n<p>Most of these ransomware attacks use the threat of organizational disruption to earn their payment. Recently, we\u2019ve seen a new development\u2014extorting businesses by exposing breached data if they don\u2019t pay. Today, we\u2019ll talk about some of the implications and how to handle them.<\/p>\n<h2>What happened?<\/h2>\n<p>When attackers land ransomware, it\u2019s not uncommon for them to access and read data as well. For years, attackers threatened to release this information, but didn\u2019t make good on the threat. That changed with Maze ransomware, where they released stolen data from\u00a0<a class=\"ext\" href=\"https:\/\/www.databreachtoday.com\/ransomware-attackers-leak-stolen-data-a-13438\" target=\"_blank\" rel=\"noopener noreferrer\">some companies that didn\u2019t pay up<\/a>\u00a0and\u00a0<a class=\"ext\" href=\"https:\/\/krebsonsecurity.com\/2019\/12\/ransomware-gangs-now-outing-victim-businesses-that-dont-pay-up\/\" target=\"_blank\" rel=\"noopener noreferrer\">threatened to release even more<\/a>. The threat comes to a business\u2019s reputation and their finances if they don\u2019t report and end up facing compliance fines.<\/p>\n<p>This threat can\u2019t be defeated simply with backup, although, backup is still essential for the encryption variants (which will likely still be the main type of ransomware, so don\u2019t skimp on backup). However, this could represent a new line of attack. Instead of dealing with downtime or data loss, you could face public scrutiny and damage to your reputation on top of the potential data losses.<\/p>\n<h2>What you can do<\/h2>\n<p>Once someone gets data using this style of ransomware, there isn\u2019t much you can do outside of paying the ransom or preparing to have the data released. Even if you pay the ransom, you have no guarantee the data will not be released, and you may still have some level of responsibility to report. There are preventative steps you can take. A data loss prevention (DLP) solution may alert you to attempts to exfiltrate data, but even if you have one in place you should still employ the following:<\/p>\n<ul>\n<li><b>Patching, email security, and web protection:\u00a0<\/b>Dealing with these attacks starts with preventing the myriad of ways they can enter an organization. This means covering a lot of the same bases you have for years\u2014patching software vulnerabilities quickly, deploying email protection, and using web protection to prevent users from encountering malicious sites (quite a few attacks start with drive-by downloads).<\/li>\n<li><b>Network segmentation:\u00a0<\/b>Another important point here comes from segmenting portions of your customers\u2019 networks to help prevent ransomware from spreading. You may want to cordon off the most important parts of your network to help prevent an intrusion in one area from affecting another. In simple terms, if criminals can access employee records, segmenting the network properly could prevent them from reaching customer data or give you time to detect the issue before it spreads to other parts of the corporate network.<\/li>\n<li><b>Endpoint protection:<\/b>\u00a0For attacks like these, I want to emphasize the importance of going beyond antivirus by using a full endpoint protection solution. Signature-based antivirus normally can only catch known issues. However, endpoint protection solutions cover more than just malicious files\u2014they use artificial intelligence and machine learning to look holistically at the endpoint for odd or suspicious behavior, then either flag that to the IT professional or take a specific action. For example, if someone downloads a spreadsheet, which then launches a script that begins reaching out to other endpoints on the network or starts copying and transmitting sensitive data to another source, the endpoint protection solution can attempt to halt both actions before damage is done.<\/li>\n<li><b>Transparency:\u00a0<\/b>If you get an indication that someone has access to customer data, you should be transparent with customers about the incident. If you\u2019re required by law to notify your customers and your regulator about the breach, you\u00a0<em>absolutely<\/em>\u00a0need to come clean when a breach occurs. You don\u2019t want auditors to find out when cybercriminals publish your business\u2019s name on a website. If there\u2019s an indication of a data compromise, make sure you report within your reporting window. Don\u2019t make a bad situation worse\u2014honesty really is the best security policy.<\/li>\n<\/ul>\n<h2>A scary new front<\/h2>\n<p>For years, cybercriminals have demanded ransoms to keep quiet about data breaches. Until recently, these were mostly idle threats, but today\u2019s reality represents a terrifying new challenge in the fight against ransomware. If you don\u2019t want to end up on the wrong end of one of these attacks, continue employing strong security controls. And if you do face a breach, above all, be transparent with compliance officers and customers.<\/p>\n<p><b>I mentioned endpoint protection as a key pillar of defense against these threats. SolarWinds<sup>\u00ae<\/sup>\u00a0Endpoint Detection and Response (EDR), powered by SentinelOne<sup>\u00ae<\/sup>, offers AI-driven threat detection and policy-driven responses and protection. If one of your clients is hit by a traditional, encryption-based ransomware attack, EDR can automatically roll the endpoint back to a known safe state. And it\u2019s available in SolarWinds RMM, which you can use to also manage patches, offer email protection, and run backup. Learn more\u00a0<\/b><a href=\"https:\/\/www.solarwindsmsp.com\/products\/rmm\/endpoint-detection-and-response?promo=blog\" target=\"_blank\" rel=\"noopener\">today<\/a><b>.<\/b><\/p>\n<p><em>Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology,\u00a0including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim\u2019s experience has made him an in-demand expert on cybersecurity, and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.\u00a0<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recently, ransomware actors have upped their game to extortion by threatening to release exfiltrated data onto the web. Tim Brown looks at what MSPs should be doing to help keep&#8230;<\/p>\n","protected":false},"author":43,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5962","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Maze Ransomware: A Threat to a Business\u2019s Security and Reputation - N-able<\/title>\n<meta name=\"description\" content=\"Recently, ransomware actors have upped their game to extortion by threatening to release exfiltrated data onto the web. Tim Brown looks at what MSPs should be doing to help keep their customers safe.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation - N-able\" \/>\n<meta property=\"og:description\" content=\"Recently, ransomware actors have upped their game to extortion by threatening to release exfiltrated data onto the web. Tim Brown looks at what MSPs should be doing to help keep their customers safe.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-05T17:51:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-08T16:55:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tim Brown\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tim Brown\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation\"},\"author\":{\"name\":\"Tim Brown\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8\"},\"headline\":\"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation\",\"datePublished\":\"2020-02-05T17:51:17+00:00\",\"dateModified\":\"2021-04-08T16:55:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation\"},\"wordCount\":1086,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/es#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"es\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation\",\"url\":\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation\",\"name\":\"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/es#website\"},\"datePublished\":\"2020-02-05T17:51:17+00:00\",\"dateModified\":\"2021-04-08T16:55:28+00:00\",\"description\":\"Recently, ransomware actors have upped their game to extortion by threatening to release exfiltrated data onto the web. Tim Brown looks at what MSPs should be doing to help keep their customers safe.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/es\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/es#website\",\"url\":\"https:\/\/www.n-able.com\/es\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/es#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/es?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/es#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/es\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8\",\"name\":\"Tim Brown\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g\",\"caption\":\"Tim Brown\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation - N-able","description":"Recently, ransomware actors have upped their game to extortion by threatening to release exfiltrated data onto the web. Tim Brown looks at what MSPs should be doing to help keep their customers safe.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation","og_locale":"es_ES","og_type":"article","og_title":"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation - N-able","og_description":"Recently, ransomware actors have upped their game to extortion by threatening to release exfiltrated data onto the web. Tim Brown looks at what MSPs should be doing to help keep their customers safe.","og_url":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-02-05T17:51:17+00:00","article_modified_time":"2021-04-08T16:55:28+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Tim Brown","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"Tim Brown","Tiempo de lectura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation"},"author":{"name":"Tim Brown","@id":"https:\/\/www.n-able.com\/es#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8"},"headline":"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation","datePublished":"2020-02-05T17:51:17+00:00","dateModified":"2021-04-08T16:55:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation"},"wordCount":1086,"publisher":{"@id":"https:\/\/www.n-able.com\/es#organization"},"articleSection":["Security"],"inLanguage":"es"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation","url":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation","name":"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/es#website"},"datePublished":"2020-02-05T17:51:17+00:00","dateModified":"2021-04-08T16:55:28+00:00","description":"Recently, ransomware actors have upped their game to extortion by threatening to release exfiltrated data onto the web. Tim Brown looks at what MSPs should be doing to help keep their customers safe.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/es\/blog\/maze-ransomware-threat-businesss-security-and-reputation#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/es\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"Maze Ransomware: A Threat to a Business\u2019s Security and Reputation"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/es#website","url":"https:\/\/www.n-able.com\/es","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/es#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/es?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/es#organization","name":"N-able","url":"https:\/\/www.n-able.com\/es","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/es#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8","name":"Tim Brown","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g","caption":"Tim Brown"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts\/5962","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/comments?post=5962"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts\/5962\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/media?parent=5962"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}