12/13/2019 | Press release | Distributed by Public on 12/13/2019 19:07
You've seen in the movies where the Special Forces are dropped off in enemy territory, then they split up to perform their assignments, then the main guy yells, 'See you at the exfil!' In that context, it means the Special Forces team are basically rescued from the bad guys when the helicopter comes back to pick them up. Well, apparently the computer geeks have stolen yet another word from the English language for their own use: exfiltration.
What does Data Exfiltration mean?
Data exfiltration is the unauthorized copying, transfer or retrieval of data from a computer or server. Data exfiltration is a malicious activity performed through various techniques, typically by cybercriminals over the Internet or other network. Data exfiltration is also known as data extrusion, data exportation, or data theft.
I know you've heard of 'ransomware' and probably know someone who has been hacked-probably from an employee clicking a link in an email that executed some very naughty script. Now the network is unavailable, and none of the data is available. The bad guy says, 'Hey, you want your data back? Send me some ridiculous amount of bitcoin first.' However, there is no guarantee that you will recover your files even if you pay the ransom.
Phishing emails or by unknowingly visiting an infected website is how ransomware typically spreads throughout a network, which is why segmentation of your network is important-at least, keep public access separate from internal functions-but the best prevention is education of your users.
Ransomware has affected every aspect of society, from grandma to the government. The website statescoop.com has created a map of ransomware attacks of government entities. Just this year alone, almost every state was attacked, including 'state and local governments, including school districts and higher education institutions.'
What can EFT do?
Enhanced File Transfer (EFT) is meant for file transfer and management of your data, not storage. You should be storing your data remotely from EFT in some sort of redundant storage. EFT can create efficiencies in your job by doing regular backups of important files and subsequently taking that backup off-site for secure storage. (EFT Enterprise includes a built-in Backup event rule, but that only backs up EFT configuration, not your data.) If you're an experienced and well-versed administrator, you've been backing up your data off-site, and doing it regularly. So while your organization may lose reputation and customers after an attack, your business can continue when you restore the data into a sanitized network.
EFT can help you take the following precautions to protect against the threat of ransomware, recommended by the Cybersecurity and Infrastructure Security Agency (CISA)
EFT encrypts all files, and integrates with third-party anti-virus, anti-malware, and DLP servers so you can scan for espionage breaches, credit card number transfers, viruses, and so on. Since ransomware is often brought into a network as a virus, EFT helps ensure that you can set up your environment to protect against these viruses, have full visibility into how a file was introduced into your environment, and automatically quarantine the files. EFT supports prevention, enables rapid incident response, and provides thorough audit logs to support digital forensics efforts.