Encryption At All Times

Blueshift was founded in 2004 by a team of network security specialist. Our staff continues to pay close attention to security market trends and believes in keeping critical data encrypted at all times.

During the service setup process a backup policy is created and customer information is encrypted with a key known only to the customer. Data remains encrypted during the entire data transfer process and while at rest in hardened data centers. These are important points to remember as some software manufacturers and service vendors forgo data encryption steps to speed up other processes. Blueshift doesn’t believe in sacrificing customer data security and integrity.

Defense In-Depth

Blueshift believes in the principle of “defense in-depth” which is the placement of multiple layers of defense to protect critical data assets. This layering tactic is originally a military strategy that has transitioned to describe modern day network security.

If one of your goals is to protect business information assets then having your critical data backed up and securely held at off-site locations should be one of your defense layers. Especially with many of the recently released “zero-day” exploits and “ransomware” phishing attacks which we describe in more detail below.

A History Of Hacking

Since the earliest days of the Internet hackers have attempted to circumvent systems to gain control. In the 1970s the first modern day hackers were able to make free phone calls, a practice that became known as "phreaking." By the 80’s there were computer clubs and the world’s first virus, named "Brain”. The 1990's ushered in the modern information security industry and notable threats like the Michelangelo virus, Melissa, and Concept. DOS attacks began as did the first real phishing attacks. By the turn of the century malicious Internet activity turn into a major criminal enterprise aimed at monetary gain. Adware and spyware entered the scene with such programs as Conducent TimeSink, Aureate/Radiate and Comet Cursor. Adware and spyware, aggressively self-propagating malware also appeared. Big name threats such as Code Red, Nimda, Welchia, Slammer and Conficker all began taking advantage of unpatched machines. Phishing attacks also became mainstream; first heavily targeting online banking then moving onto social networking sites. Today we have zero day attacks, rootkits, rogue antispyware, SPIM, clickfraud and other attacks.

Best Defense Against Zero-Day Attacks Is Yesterday

One of the most indefensible threats enterprises face today is known as a “zero-day attack”. Zero-day attacks are first found as software vulnerabilities or flaws that leave enterprises exposed to an attack before a patch or workaround is available. These vulnerabilities can be found in operating systems, applications and hardware. Sometimes zero-day vulnerabilities are unknown to all but a cyber attacker or a supplier who sells zero-day discoveries on the black market. In other cases, the software vendor knows about the vulnerability but has not yet issued a patch.

Some Useful Hints To Help Mitigate Zero-Day Attacks

  • Backup all your data

  • Make a separate backup policy for the vulnerable application(s)

  • Include versioning for recovery point objectives

  • Have a virtual or physical standby server ready

  • Create a clone of the entire OS image

Ransomware Stormcast

Animation Video

Video

Ransomware & Backup

The Last Line of Defense

Infographic

Ransomware Propagation

Animation Video

Video

2016 Ransomware Factoids

Ransomware Infographic

Infographic

Crypto-Ransomware on the Rise

Learn what to do

Crypto-Ransomware