Cybersecurity Awareness
- - - Live Hacking Event
    - Experience how attackers proceed, attack companies and steal data. We show you realistically how a cyber attack works. Entertaining, individual and exciting.
- - - Managed Phishing Simulation
    - We carry out individual or continuous phishing simulations together with you. Automatic, event-driven or recurring – we adapt to your wishes and requirements.
Offensive Security
- - - Penetration test
    - We attack systems within the scope of application in an organized and systematic manner and inform you immediately about high and critical security gaps. We then support you in eliminating the security gaps.
- - - Vulnerability scan
    - We use established tools to quickly and efficiently find out which systems are vulnerable, either internally or externally. We filter and check the results and support you in remedying them.
- - - 360° SME analysis
    - For small and medium-sized companies, we offer a cost-effective package that gives you an overview of the vulnerability of your internal and external infrastructure.
Consulting
- - - ISMS Consulting
    - We support you in setting up and expanding your information security management system (ISMS) and, if required, help you to achieve ISO 27001 certification.
- - - External (Chief) Information Security Officer
    - By appointing an information security officer, you fulfill requirements, have a single point of contact and are able to implement measures professionally and appropriately.
Ressources
- - - Blog
    - Read our free IT security blog and find out about news, vulnerabilities and threats.
  - - Success stories
    - Find out more about the projects we have completed for a wide range of clients.
- - - Media package
    - Whether logo, colors or images. Download our materials now free of charge to promote your event.

New Ransomware strategy: pay ransom or publish data!

06/06/2024

New Ransomware strategy: pay ransom or publish data!

The new Ransomware strategy can result in a rattail of costs for those affected. The affected data will now be published if no ransom is paid. Depending on the criticality of the data, this publication may entail further costs. A DSGVO offence could then be the coffin nail.

REvil Ransomware wants to publish data if not paid.

Criminals also constantly come up with something new. And there are hardly any limits to creativity. That shows the current trend of Ransomware. Before the data is encrypted, the cyber criminals steal it. The victim does not want to pay the demanded ransom payment

Then the data is either publicly released or sent to a competitor. From the point of view of the Ransomware developers, this is more promising than simply decrypting the data again. This trend leads to Ransomware attacks becoming data leaks.

In hospitals, practices and other medical facilities, which are rarely as well positioned in the IT security sector as companies in the high security sector, one incident can be the last. Personal and particularly sensitive data, such as membership of a religion or the degree of disability, should not be made accessible to third parties. A recent fine imposed on a hospital in Rhineland-Palatinate shows that incorrect handling of information can quickly become expensive. 105,000 EUR expensive.

The new Ransomware strategy has the same vulnerability as any malware: the human!

For years technical systems have been developed to keep malware out. However, they never promised 100% security. Increasing digitalization makes it increasingly difficult to maintain a 360° overview of the infrastructure, devices and network.

Since most cyber attacks use email as a gateway, solutions are popular – but the one or other phishing email or mail with malware still gets through. This residual risk can only be reduced by informed and trained employees.

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.

AWARE7 GmbH

Munscheidstr. 14
45886 Gelsenkirchen

Tel. +49 (0) 209 - 8830 6760

Fax. +49 (0) 209 - 8830 6769

Mail info@aware7.de

Opening hours
Monday - Friday
8:00 - 17:00

COMPANY

Code of Conduct

AWARENESS

Live Hacking Show

Managed Phishing Simulation

RESOURCES

IT-Security Blog

Success Stories

OFFENSIVE SERVICES

Penetration test

Vulnerability scan

IT security emergency

360° SME analysis

CONTACT

Call for proposal (CfP)

CONSULTING

ISMS consulting

External information security officer

Imprint Privacy policy