In recent years, several companies have reported a type of attack that blocks the use of their database. The attacker gains access to the company's database and encrypts the information with his own key. To restore access, the true owners of the information have to pay a ransom — usually a value in cryptocurrencies, which are more difficult to trace, called Ransomware .

A lot of noise was generated in the security market, raising concern for the IT area. However, we are facing a new, smarter way to monetize the same forms of intrusion that have plagued corporate infrastructure for years. Rather than causing system crashes or stealing information, this attack does more damage by preventing the organization from accessing the most valuable asset it has on its network: company data.

It is important to note that Ransomware passes for software by exploiting a common attack vector such as phishing , infected emails, social media, or any source of malicious code that is inadvertently executed on a machine with access to a database. on-premise ERP software users' computers is an excellent gateway to access the company's database. Any infected user can potentially serve as a gateway to a successful ransomware attack.

The usual forms of protection such as anti-malware and anti-virus are certainly important to prevent such attacks, but it is sometimes difficult to be prepared against malicious code that exploits system vulnerabilities or that is hidden in malicious messages (e.g. online advertisements). . It is important to follow security best practices to prevent these attacks. This includes technical measures as well as security procedures when dealing with database access.

Another important measure is to retain several backup copies of the database from the last few weeks. This won't stop you from getting past an attack, but it will mitigate the damage, as it might be enough to regain your data access. The attack still needs to be identified and the vulnerability patched to prevent further intrusions.

virtualized environments

There is another way to greatly reduce your exposure to these attacks; virtualizing your ERP environment on a platform like Auto.Sky . Virtualization occurs when your ERP software effectively runs in the cloud and the only transmission made between the user and the remote ERP software are the screens presented. Any malicious code that may infect the user's computer will not have regular access to the remote ERP software, which means that it will not be able to easily access the network. Virtualization creates a strong barrier isolating local computers from remote ERP and protecting your cloud environment.

Backups

Auto.Sky Auto.Sky procedures and retains several database captures from the last few weeks. In case of any incident, the database can be promptly restored.

In the Auto.Sky , the ERP is kept completely protected by using strong authentication methods, firewall filters and network encryption, limiting external traffic to strictly permitted user connections or external integrations.

By keeping the cloud ERP isolated from user email or downloaded files, Auto.Sky adds another layer of isolation. This protects businesses from common attack vectors and ensures a more secure environment for their data.

Written by

Sky.One Team

This content was produced by SkyOne's team of cloud and digital transformation experts.