(Photo by Flicker user Yuri Samoilov)
On June 29, a Massachusetts homeless shelter announced that it was a target in a ransomware attack — the kind of cyber breach that entails an attacker gaining access to a network, encrypting data and demanding payment in return for access to be restored.
Shortly after, Dennis Underwood, a former security expert in the intelligence community who founded Severna Park-based Cyber Crucible, announced the company’s new Ransomware Rewind product. It’s a patent pending capability that automatically decrypts ransomware and restores systems and files back to normal. The product is currently in limited release to hand-selected organizations. But given the potential for ransomware attacks against nonprofits that was demonstrated in Massachusetts, Underwood has made the product available for free to small nonprofits.
“You don’t want to have to decide between ensuring the community members you are serving have their needs met, or making sure that bad actors can’t access and control your files,” Underwood said. Cyber Crucible is looking to ensure these nonprofits don’t have to choose.
Underwood is aiming to meet the needs of the nonprofits by ensuring that the software is both easy to install, easy to monitor and that they have a simple solution for if they are faced with ransomware attacks and are notified through this system.
“Nonprofits and other businesses alike need to understand that there are two major types of ransomware — the first of which is wide-net in nature, meaning hackers cast out spam to all of North America, for example,” Underwood said. “The second tends to be more sophisticated, highly orchestrated within an organization so attackers can do the most damage. Ransomware Rewind is something that we designed to be used by anyone; it gives the user access to cryptographic analysis without needing the technical expertise that is traditionally required for running this type of software.”
The implementation of this product is straightforward: You log onto the web app, download the software, then leave it running in the background while you go about your normal activities while the software monitors any potential suspicious activity. In the event of an attack Cyber Crucible’s software automatically detects, analyzes and responds to issues. It also allows for all files to be decrypted, even if there are no backups.
“We have to have a way for users to easily access and use the product. What we are seeing in the news is just the tip of the iceberg of cyber attacks,” Underwood said, referring not only to the Massachusetts attack, but also those against government entities like the City of Baltimore, along with cities in Georgia, Florida, Louisiana, and now Texas have also been targeted.
The initial Ransomware Rewind (RR) product launched last Thursday, August 15, and as Cyber Crucible is working to fine-tune RR, it is immediately available to qualifying nonprofits in the Baltimore and Pittsburgh metro areas. By starting to work locally, the Cyber Crucible team can address any challenges or questions before serving a wider audience to ensure they are meeting the needs of the nonprofits.
“We know there will be bumps in the road with any product but we are 100% committed to ensuring that we are there. We are already seeing malware generations and variants that are not reported in the news,” says Dennis. “We are already seeing those in our software and are able to stay a step ahead of those hackers”.
Nonprofits seeking cybersecurity services can fill out the “contact us” form on Cyber Crucible’s website and they will be contacted about their eligibility to apply for Ransomware Rewind. Underwood said to please keep in mind that the focus of the free product at this time is on small, local nonprofits, but larger organizations are still encouraged to reach out as Cyber Crucible works to formalize a discount program for them.
“Smaller nonprofits do a lot with smaller resources, they are the heroes that make it all work. They are the people on the ground,” Underwood said.-30-
Baltimore City Council cybersecurity committee to hold first hearing [Events Roundup]
A ‘Moon colony’ challenge gave Maryland Girl Scouts a hands-on cybersecurity lesson
AvengerCon IV showed how U.S. Cyber Command is building community
How this lawyer is helping entrepreneurs bark up the right tree
Columbia-based USRA’s robotics and space programming just got a boost
Baltimore bought $20M in cyber insurance. Such policies are becoming more common
Index Analytics brings tech and talent to partnership with Code in the Schools
Get to know SmartLogic’s culture of plants, podcasts and productive client relationships
Sign-up for daily news updates from Technical.ly Baltimore