According to the latest report of bleepingcomputer, the digital security giant entrust has confirmed that it has suffered from network attacks, and the threats have destroyed their networks and stolen data from internal systems. Entrust is a security company focusing on online trust and identity management, providing a wide range of services, including encrypted communication, secure digital payment and identity certification solutions. Based on the stolen data, this attack may affect key and sensitive organizations that use trust heavily for identity management and authentication. This includes U.S. government agencies, such as the Department of energy, the Department of homeland security, the Department of finance, the Department of health and human services, the Department of Veterans Affairs, the Department of agriculture, and so on.
Trust Inc. is a world leading Canadian Network Security high-tech company listed on NASDAQ in the United States. The company was founded in 1994, formerly known as the data network security research and Development Department of Nortel Networks in Canada. The headquarters of the company is registered in Plano, Texas, USA. The development center is located in Ottawa, Canada, which is famous for its northern Silicon Valley, and Silicon Valley, California, USA.
It has branches or offices in the United States, Canada, Britain, Switzerland, Germany, Japan and China. It was listed on NASDAQ (No. entu) on August 18, 1998. As a world-famous CA manufacturer, entrust has established a trusted virtual environment around the world, so that anyone can safely conduct digital transactions and communication anywhere. Its SSL certificate is selected by 65% of the global top 500 enterprises, accounts for 75% of the market in EV SSL, is selected by the world’s top 40 banks, and is used by 67 websites in the world’s top 100 e-commerce websites.
A total of more than 800000 websites choose entrust’s SSL certificate to ensure the security of confidential information on the website. Trust provides trust services for websites, software developers and individuals, including issuing SSL server certificates that specifically deal with website authentication and encryption. More than 83% of the world’s top 500 enterprises use certificates from trust SSL servers. Through powerful encryption functions and strict authentication measures, entrust protects the security of more than 600000 web servers around the world. Many well-known websites around the world, including Amazon,
Yahoo shopping, AOL, Google and Citibank, have installed SSL server certificates of entrust to strengthen website security protection. In order to expand its service field and scope, entrust has established strategic cooperative relations with American Express, checkpoint, Microsoft and Cisco. More than 70 digital trust service providers, including Britain, France, Germany, Italy, Australia, Brazil, South Africa, China, Japan and other countries and regions, have joined the trust network of entrust. The Security Notification confirms that the data was stolen from the internal system of entrust. However, it is not clear whether this is pure company data or customer and supplier data.
According to Vitali kremez, CEO of advintel, blackmail software organizations bought damaged trust credentials and used them to destroy their internal networks. Kremez told bleepingcomputer in a conversation about the attack: “the blackmail group operators involved rely on the network to access the seller’s trusted network to obtain initial access to the trust environment, which leads to subsequent encryption and disclosure through known blackmail software groups.” Unless entrust pays the ransom request, we may know the extortion software operation behind the attack when they publicly release the stolen data.
The simplest and most effective way to ensure data security is to back up data on a regular basis, so that data can be restored no matter what kind of problem causes data loss. However, determining how to backup in order to maximize data security is not an easy task. There was a major failure in 2018. Due to hard disk failure, a well-known cloud service provider lost all of its customers’ data. In general, a large cloud service provider will have multiple data backups. Even if the hard disk is damaged, it will not result in a catastrophic loss of data. However, for a variety of reasons, all three copies of the data are deleted, and the data loss can not be identified.
Vinchin Backup & Recovery allows you to recover an entire XenServer VM in a simple manner. Simply follow three simple steps, selecting the desired restore point, destination, and strategy, and all backup data in a single VM will be directly transferred from the backup depository to your primary or local site in a very short period of time.