What We Do
Managed Services

Managed IT Support

Managed Cloud

Managed Cybersecurity
Professional Services

Consulting & Advisory

Transitions & Transformations

Application Development

Teams Phone & Teams Rooms

Network Cabling

SharePoint Development Services

Cloud Migrations

Cloud Integrations
Modern Work

Modern Work Program

Teamwork & Collaboration Training

Data Analytics & Data Science

Accessibility

Business Process Automation
Artificial Intelligence (AI)

AI Accelerator

Copilot Factory
Who We Help
Large or small, we have a solution to fit your organization

At Clear Concepts, we are passionate IT professionals who want to make a positive impact on your business operation. We understand the value of Information Technology and how it can deliver a return on investment for your organization. We serve a wide variety of business networks, with a focus on businesses between 10 and 500 employees. If you are looking to take your business to the next level, we are the team you need!

The following vertical markets are examples of how we can make an impact but we also serve other business types not featured on our website. From Manufacturing to Retail, Banking to Real Estate, we have the knowledge and expertise to help you succeed. Contact us today to find out how we can help you reach your goals!
Industries

Social Services

Healthcare

Commercial Businesses

Education

Municipal Government

Remote Communities

Nonprofits
Resources
Insights Blog

The AI Imperative - This Hits Home

Getting To Know Microsoft Copilot

Innovate For Impact
More Resources

Insights Blog

Videos & Podcasts

Upcoming Events
About
- Who We Are
- The Team
- Partners
- Awards
Affiliation:
Getting to know us

Who We Are

The Team

Partners

Awards
Careers
Working at Clear Concepts
Employment Benefits
Career Opportunities
Contact Us
Launch Client App

Cyber Kill Chain & Ransomware

Nino Vales 2018-08-20

2023-02-23

Simplified Data Discovery Protection with Cavelo

2020-10-23

Stay Safe Online with these Cybersecurity Tips

2020-05-27

Webinar with Cisco: 10 Myths for SMB Cybersecurity…Busted!

The Cyber Kill Chain model breaks down a Ransomware attack in seven stages. This article will give you an understanding of our security solutions and what is effective based on the current stage of the Ransomware.

Reconnaissance

The threat actor or attacker will gather all public information available for your organization. An example of which is the website's contact us page, phone numbers, or domain WHOIS information. Some attacks involve attackers running an automated script to guess the email addresses associated with the domain.

Recommended:

Better security practice and handling of public information
Cyber Security training to identify Phishing attempts

Stage

Once the threat actor gathers enough information, it now prepares to launch the attack. An example of which is a Phishing email with malicious attachments or URL's to be sent out to the users of the targeted organization.

Recommended:

User Security training to identify Phishing emails from legitimate emails (Cybersecurity training – KnowBe4)

Launch

If the user opens the attachment from a Phishing email or clicked the link then it could execute a script to infect the system.

Recommended:

Cisco Umbrella to filter DNS traffic
Meraki MX Firewall with intrusion prevention system
Office 365 spf, dkim, or dmarc records

Exploit

The stage where the malicious script looks for the vulnerability of the system. An example is an unprotected, unpatched system or outdated firmware. A network with a weak firewall system is severely at risk.

Recommended:

Cisco Umbrella for blocking suspicious traffic
Meraki MX Firewall with Intrusion Prevention System

Install

The stage where the Ransomware payload is installed on the vulnerable system. Workstations with no real-time antivirus protection are at risk.

Recommended:

Host-based antivirus or anti-malware products such as Webroot, Trend Micro, or Cisco AMP

Callback

The infected system contacts the attacker's command and control center to retrieve the key to encrypting the user files. It is also called as the Botnet command center.

Recommended:

Cisco Umbrella to block suspicious categories like newly created domains or known Botnet locations
Meraki MX Firewall to filter out suspicious traffic

Persist

The stage where the system files are already encrypted and a ransom note keeps popping up requesting the victim to pay the ransom.

Recommended:

A security professional to assist with assessing the impact and removal of the Ransomware
Meraki MX Firewall that logs all unusual traffic produced by the infected system to help with the investigation

You might notice that certain security solutions cover several stages of the Cyber Kill Chain model. Implementing these solutions will give you a better chance of avoiding a Ransomware infection.

In addition to this, having a reliable backup solution will save your files in case Ransomware still manages to infect your system.

This model is not perfect, but it gives your business better chances of stopping a Ransomware attack. The cost of these security solutions is minimal compared to the downtime or paying a ransom to recover your files.

Cyber security

2023-02-23

Simplified Data Discovery Protection with Cavelo

2020-10-23

Stay Safe Online with these Cybersecurity Tips

2020-05-27

Webinar with Cisco: 10 Myths for SMB Cybersecurity…Busted!

Protect Yourself Against Macros and Malicious Websites

Explaining the 3 2 1 Backup Rule