Tag

Ransomware Defense

Provides in-depth coverage of ransomware threats, attack vectors, and defense strategies. Articles address backup best practices, endpoint protection, network segmentation, incident response procedures, and recovery planning to help organizations withstand ransomware attacks.

posts

Security of Cyberspace

Security of Cyberspace: What Actually Works in 2024

A $12.5 Billion Problem Nobody Can Ignore The FBI's Internet Crime Complaint Center reported $12.5 billion in losses from cybercrime in 2023 — a 22% increase from the prior year. That number represents real money stolen from real organizations, many of whom believed they had adequate defenses.

Carl B. Johnson Jul 10, 2024 7 min read
IT Security

IT Security in 2024: What Actually Works Now

In March 2024, UnitedHealth Group's subsidiary Change Healthcare was hit by a ransomware attack that disrupted insurance claim processing for hospitals and pharmacies across the United States. The company reportedly paid a $22 million ransom. The attack vector? Stolen credentials used to access a remote system that lacked

Carl B. Johnson Jul 10, 2024 7 min read
Computer Security

Computer Security: What Actually Works in 2024

In February 2024, Change Healthcare — one of the largest health technology companies in the U.S. — got hit with a ransomware attack that disrupted pharmacies, hospitals, and insurance claims processing across the entire country. UnitedHealth Group confirmed the breach affected a substantial portion of the American population. The attack vector?

Carl B. Johnson Jul 10, 2024 7 min read
Computer Virus Prevention

Computer Virus Prevention: 9 Steps That Actually Work

The Virus That Cost a Hospital Chain $100 Million In 2017, the NotPetya malware ripped through networks worldwide. It wasn't theoretical. Nuance Communications, a major healthcare IT vendor, took a $92 million hit. Maersk, the shipping giant, lost around $300 million. Heritage Valley Health System in Pennsylvania lost

Carl B. Johnson May 13, 2024 6 min read
Computer Security Service

Computer Security Service: What Actually Works in 2024

The Breach That a $200K Security Stack Couldn't Stop In January 2024, a mid-sized accounting firm in the Midwest had firewalls, endpoint detection, SIEM logging, and a managed SOC. They spent over $200,000 a year on their computer security service stack. Then an employee clicked a phishing

Carl B. Johnson May 13, 2024 7 min read
Ransomware Attack Prevention

Ransomware Attack Prevention: A Practical Guide for 2024

In January 2024, Fulton County, Georgia — home to Atlanta — was crippled by a ransomware attack that knocked court systems offline, disrupted tax processing, and left residents unable to access basic government services for weeks. It wasn't an isolated event. The FBI's Internet Crime Complaint Center (IC3)

Carl B. Johnson Feb 28, 2024 8 min read
NIST Cybersecurity Framework

NIST Cybersecurity Framework: A Practical Guide for 2023

The Framework That Could Have Prevented a $150 Million Mistake When Equifax disclosed its catastrophic 2017 breach affecting 147 million Americans, the postmortem was brutal. The company had failed at the most basic elements of what the NIST Cybersecurity Framework prescribes: asset inventory, patch management, and network segmentation. The FTC

Carl B. Johnson Nov 09, 2023 7 min read
Medusa Ransomware

Medusa Ransomware Gang Phishing Campaigns Explained

A Ransomware Gang That Starts With Your Inbox In 2022, the Medusa ransomware gang emerged as one of the most aggressive threat actors targeting organizations through phishing campaigns. They don't kick down the front door — they walk through it with stolen credentials, harvested from carefully crafted phishing emails

Carl B. Johnson Dec 25, 2022 6 min read
Cybersecurity

Cybersecurity in 2022: What Actually Works Now

The Breach That Should Have Changed Everything In March 2022, the Lapsus$ group breached Okta, Microsoft, Samsung, and Nvidia in rapid succession — not by deploying sophisticated zero-day exploits, but by buying stolen credentials, social engineering help desk employees, and exploiting MFA fatigue. A group reportedly led by teenagers embarrassed some

Carl B. Johnson Aug 23, 2022 7 min read
Computer Security Security

Computer Security Security: Layers That Actually Work

In March 2022, Okta confirmed that the Lapsus$ threat actor group had breached a third-party support engineer's laptop and accessed internal systems. The attack didn't exploit some exotic zero-day vulnerability. It started with compromised credentials — a single point of failure in what should have been a

Carl B. Johnson Jul 30, 2022 7 min read