Cyber attacks happen every 39 seconds. Preparation is a critical part of reducing the threat of an attack and mitigating the costs of cyber crime. Pragma’s Pre-Loss Services can help your organisation take the necessary steps to prepare for a cyber attack.
- Pragma will implement new protective software to identify weak points that can be fortified. Special emphasis will be placed on Personal Identity Protection.
- We will train your employees and staff about their role in cybersecurity. Best practices will be identified, explained, and encouraged.
- Pragma will show specific actions to take to minimise risk by auditing compliance to security and data protection standards.
Strong security software, engaging and practical training, and stringent compliance audits work together to form a comprehensive pre-loss plan.
If your organisation is ever targeted, Pragma can be there to defend you. Our Cyber Incident Response Team (CIRT) can help you take the best steps at the earliest possible moment. Pragma will assign a dedicated Incident Response Specialist to your case who will help you take these steps:
- Conduct a triage and quickly perform containment and restoration.
- Bring together your own team to manage your operations from the inside.
- Switch to backup servers as quickly as possible if these are available.
Everyone wants to understand why they were attacked. You want to know how this attack happened. Pragma’s Cyber Forensics Investigation will give you these answers. The forensic capabilities of Pragma’s investigators come from law enforcement, intelligence and litigation training and experience. Our CIRT has years of experience dealing with cyber threats, attackers, and analysis.
In combination with the latest digital forensic techniques, our training and experience enable us to supply valuable viewpoints when investigating complicated cases.
We conduct the following investigations
- Malware and Malicious Code Analysis
- Phishing and Email Fraud
- Unauthorised Access and Compromised Machine Analysis
- Distributed Denial of Service (DoS/DDoS)
- Policy Violations or Improper Usage
- Ransomware Payment and Recovery
- Forensics Imaging (including mobile devices)
- Fact-finding, Live Interviews and Evidence Collection
Downtime can cost more than just money. It can cause lasting reputational damage to an organisation. One of the primary goals of our Cyber Incident Response Team is to get you up and running as quickly as possible. During the recovery phase of cyber incident response, our team will work to achieve your Recovery Time Objective (RTO).
Operations can be recovered to Pragma’s CloudControl platform within minutes of starting the recovery phase. CloudControl is our secure cloud platform powered by Amazon Web Services (AWS). It provides continual visibility into compliance risks across your environment to ensure you meet global risk regulations.
Other aspects of our recovery and remediation services include
- Rapid Recovery to the Cloud
- On-site System Recovery, Restoration from Backup
- Rebuilding of Systems and Technology
- Dedicated IT Support Team
Ransomware attacks are a grave threat. If your organisation is experiencing an attack or has received a threat, then you are already aware of the damage that could be done.
Some people find it easy to suggest ransoms should never be paid. However, victims targeted by these sophisticated attackers often feel there is no other choice.
If you are targeted by a ransomware attack, you should seek specialist help before deciding your course of action. Our CIRT will help you evaluate the situation so that you will be in a better position to decide.
- Our analysis of the ransomware strain determines the likelihood of permanent data loss or corruption. We also identify the probability of the attacker returning the data or supplying a decryption key.
Ransomware Negotiation Service
- Pragma conducts negotiations using the attacker’s native language and pre-created online identities. Our
strategies minimise the amount paid, lower possible risks during payment, and focus on your recovery.
Facilitation of Ransom Payment
- A check against the OFAC Sanctions List is made prior to the ransom payment.
- We deploy pre-created online identities, bitcoin accounts, and payment systems to ensure a successful transaction.
Decryption and Recovery
- “Proof of Life” trial of decryption key using sample files.
- Technical confirmation of decryption accuracy through sample decryption.
- Written decryption instructions and assistance during the decryption process.
- Incident report to meet your insurance and compliance obligations.
Our ransomware response avoids unnecessary payments, shuts down repeat extortion, and helps you focus on your organisation’s recovery. If criminals are demanding a ransom, turn to the experts.
After an attack, Pragma investigates the vulnerabilities of the affected systems. Our investigation and analysis provide vital information about weak points in your system’s security. This information shows us vulnerable areas we can strengthen to guard against further attacks. Pragma’s Security Strengthening services aim to increase your network and device security to prevent digital attacks. Antivirus programs, advanced firewalls, and AI-driven threat scanning are all part of our security strengthening approach.
Industry-Leading Security Tools
- Acronis comprehensive backup solution, so you never have to worry about your data.
- Office 365 environment review and hardening to reduce phishing attacks.
- InsightVM gives fast and accurate detection of your system’s security vulnerabilities.
- Comprehensive firewall review and configuration to reduce your system’s attack surface.
- Identity management tool provides complete visibility of user access and activity.
- CyberKit gives your organisation new abilities to detect operational threats.
- CloudControl offers rapid recovery to our secure cloud environment hosted on AWS.
- Seawall integrated risk management solution designed to enhance maritime security.
- Sophos cloud-based endpoint protection provides security right to the edge of your network.
All these tools and strategies work together to provide your organisation with an enhanced, multi-layered security solution designed to drive off attackers before they strike.
For a full list of security strengthening services, visit https://www.pragmastrategy.com/secure/
Your organisation can benefit from a constant security presence. Our retainer services provide you with a fully trained Incident Response Specialist who can work with you consistently to enhance your digital security.
You can expect:
- A specialist who is guaranteed to be available when you need them.
- Your designated specialist to respond rapidly to any security event.
- You can have peace of mind knowing our team is always there for you.
No one feels safe while simply waiting for an attack to come. Pragma believes proactive security is better than simply hiding behind a firewall. We have designed a service to extend your protection beyond your perimeter.
Pragma’s Managed Detection and Response provides
- Intrusion Detection
- Malware and Malicious Activity Scanning
- Rapid Response Threat Mitigation
This is a new type of security service integrating the dedicated experts, technology and intelligence required to overcome the shortcomings of an older Managed Security Service Provider model. We provide consistent and proactive detection, investigation, and mitigation services.
120Years of combined security experience.
85Service coverage in over 85 countries across Asia, Australia, the United Kingdom and Europe.
60Rapid response times within 60 mins.
– Chief Operating Officer, Regional Healthcare Services Company.
- Reacting Quickly to a Compromised Server Immediately Stopped AttackersSeptember 7, 2020
Every successful ransomware attack has at least three elements
- Victim’s data is encrypted and locked by the attacker.
- Ransom payments are made by the victim.
- Data is returned to the victim through decryption.
The key to successfully defeating ransomware attacks is planning.
Ransomware defence is best done in layers. We will use three layers of protection
- Proactive hardening of software systems and employee training to prevent the initial intrusion.
- Implementing a clear Incident Response Plan backed by a Cybersecurity Incident Response Team (CIRT).
- Installing the necessary backup systems to defeat the need to pay the ransom.
If an attack occurs, we will quickly identify and isolate the affected systems. Swift containment and proper backups are often enough to stop a ransomware attack in its tracks. Payment of a ransom should be carefully evaluated only when every alternative has been exhausted.
Our CIRT has extensive experience defeating over 30 of the most common ransomware variants. We have helped many organisations defend themselves from these attacks.
More than 50% of phishing attacks target Office 365 (O365). Criminals target O365 because of its popularity amongst commercial users and easy access to a wealth of sensitive information. Phishing is a technique to trick users into disclosing their login credentials. If successful, the attacker can conduct further internal attacks from within the organisation using trusted accounts. These intrusions can go unnoticed for weeks and months.
In case of an attack, a Pragma Cyber Incident Response Specialist will respond with a thorough plan, including
- In-depth investigation into the client’s O365 tenant account, event logs and user endpoint scanning.
- Removal of suspicious rules created by the attacker from the tenant account and activation of audit logs to
ensure no suspicious logins to affected or other accounts after the password is changed.
- Recommendations to clients to strengthen their password policy for work systems, implement data loss
prevention software, and enable two-factor authorisation on their O365 account.
To protect our clients, we use several methods
- State of the art malware removal tools.
- Attack surface protection through access control, endpoint hardening, and multi-factor authentication.
- Implementation of protective controls to reduce the likelihood of a repeat attack
Recover operations to the cloud quickly with minimum downtime.
Deployment of forensics in the cloud for rapid data acquisition and analysis.
Detailed analysis and findings from the case in a report that can be used by courts and attorneys.
Partnerships with global insurers to improve incident support, claim handling and clients’ experience and satisfaction.
If you suspect a breach, contact our emergency hotline supported by our global offices below. Not in these countries? Fill out the contact form below or email us at [email protected] Our experts will be in contact with you shortly.
35A Keong Saik Road, 03-00 089142 Singapore.
+65 3165 8788
L39, One Canada Square, Canary Wharf, London, E14 5AB, United Kingdom.
+44 20 3318 1470