How To Protect Your Business From Costly Ransomware Attacks

It’s never good news when cybersecurity is in the news. Unfortunately, that’s certainly been the case this year, as story after story has emerged of cyber attacks and hacks crippling major corporations and utilities. The ransomware attack that halted Colonial Pipeline, hiking prices and causing gas shortages on the East Coast, was one of the most well-known recent incidents, but certainly not the only one: hackers also targeted food suppliers, insurance companies, communication companies, and many more. Indeed, one estimate from Cybersecurity Ventures predicts that businesses will be attacked by ransomware every 11 seconds by the end of 2021.

Though that particular estimate is on the higher (and more alarming) end, there’s no question that cybersecurity is an absolutely essential part of any responsible business’s IT agenda. If you run or work for a small business, you may not be a target of the multi-million dollar schemes affecting some of the major, international corporations, but you are still at risk. There’s no need for panic though. With a few precautions, you can make sure your business is protected.

Why Ransomware Attacks Are So Common Now

To begin understanding how you can protect your network, employees, and business, it’s important to understand what exactly is happening.

To start, let’s look at exactly what a ransomware attack is. Essentially, ransomware is malicious software (or malware) that infects a computer or network, taking control and restricting access to files and programs. The only way for the system’s owner to regain control and keep their data from being destroyed or publicly leaked is to pay a ransom to the malware’s creators.

Lately, attacks like this have gotten more frequent. Many experts and observers agree that this is most likely a side effect of the COVID-19 pandemic.

Why? Due to the pandemic, many workers transitioned from working in offices every day to working from home. Unfortunately, many also began using unsecured remote networks to do their work, opening themselves up to attack.

At the same time, hackers took advantage of the fear and uncertainty bred by the pandemic to start sending out targeted phishing emails. Using subject lines with topics related to coronavirus prevention and safety measures, these emails, often falsely attributed to reputable sources like the World Health Organization or the Center for Disease Control, tried to dupe worried readers into surrendering important data and credentials. Sometimes it worked.

How You Can Keep Your Network Safe

Even as we better learn to battle COVID-19 and life returns to something closer to normal, the threat of ransomware attacks persists. Fortunately, protecting against them is not as difficult or complicated as it may seem.

Here are three steps to take:

1. Enlist the aid of managed services pros

To start, one of the key things to remember is that you don’t have to fight this by yourself. Partnering with a trustworthy and proven network management team like the experts at Beacon IT Services (BITS) can go a long way towards securing your network and your data. (Not to mention all of the other benefits of our services, including cloud migration, data recovery, and general systems maintenance.)

2. Set up a VPN

Next, your BITS team will work on securing your remote network. In most cases, that will mean setting up a virtual private network (VPN) for you and your team to work on. VPNs offer the security and function of a traditional, hardwired private network while still allowing users to access it remotely. BITS partners with SonicWall to offer a variety of secure and reliable VPNs that will secure your network.

3. Prepare your team to spot scams

You also must train your employees to recognize the signs of potential phishing emails. From keeping an eye out for suspicious and overly complex email addresses to unusual requests for social security numbers, credit card info, and other sensitive data, there are some simple things employees should always watch out for. Your IT expert can provide info on essential best practices and can offer recommendations on valuable services like KnowBe4 if more in-depth anti-phishing measures are required.
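The warning signs named in this post (a sender falsely claiming to be the WHO or CDC, an overly complex address, a request for sensitive data) can be expressed as a simple mail check. This is an added example, not code from the original post or from any product it mentions; the sample messages, the function name `phishing_signs` and the length and digit thresholds are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Organizations the lures claim to be, with their real mail domains.
IMPERSONATED = {
    "world health organization": "who.int",
    "centers for disease control": "cdc.gov",
}
# Data the article says employees should be wary of being asked for.
SENSITIVE = re.compile(r"social security|credit card", re.I)

# Constructed sample messages (not real traffic).
LURE = (
    "From: World Health Organization <covid-safety-update-8831920471@who-int.example>\n"
    "Subject: Coronavirus safety measures\n"
    "\n"
    "To receive your safety kit, reply with your social security number.\n"
)
LEGIT = (
    "From: Office Manager <pat@smallbiz.example>\n"
    "Subject: Friday schedule\n"
    "\n"
    "The office closes at 3pm on Friday.\n"
)

def phishing_signs(raw_message):
    """Return the list of warning signs found in one raw email."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.lower().rpartition("@")
    signs = []
    for org, real in IMPERSONATED.items():
        genuine = domain == real or domain.endswith("." + real)
        if org in display.lower() and not genuine:
            signs.append("sender name claims %s but domain is %s" % (org, domain))
    # Assumed thresholds for an "overly complex" address: long or digit-heavy.
    if len(local) > 30 or sum(ch.isdigit() for ch in local) >= 6:
        signs.append("overly complex sender address")
    body = msg.get_payload()
    if isinstance(body, str) and SENSITIVE.search(body):
        signs.append("asks for sensitive data")
    return signs

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("legit", LEGIT)):
        print(name, phishing_signs(raw))
```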

BITS will also install powerful firewalls and anti-virus software on your network to keep it safe from other threats. Our 24/7 network monitoring also allows us to identify any issues as they arise—before they become a problem for you and your business.

Don’t Fall Victim to Ransomware: Contact BITS Today

Don’t waste time: contact us now to get to work on securing your network.

If you already partner with us, don’t hesitate to reach out if you have concerns about your security. We’ll work with you to make sure everything is secure and that you have the best protection possible.

By | 2021-07-23T07:32:09+00:00 June 24th, 2021|System Administration, Cyber Security, IT Services|

Cybersecurity: Small Business Solution to an International Problem

“Cyber intrusions and attacks — many of them originating overseas — are targeting our businesses, stealing trade secrets, and costing American jobs. Iranian hackers have targeted American banks. The North Korean cyber attack on Sony Pictures destroyed data and disabled thousands of computers. In other recent breaches that have made headlines, more than 100 million Americans had their personal data compromised, including credit card and medical information.”

This commentary doesn’t belong to a cybersecurity expert working for big business. And it’s not an assessment by a member of the intelligence community.

No, these words were published in an April 1, 2015 op-ed in Medium (a popular online journal) by none other than the 44th President of the United States, Barack Obama. They speak to the enormity and seriousness of the problem that cyberattacks initiated in foreign countries present to American businesses and citizens.

These concerns have not dissipated in the intervening years. In fact, the threat continues to grow.

Cybersecurity vulnerability isn’t just an American problem. It is a truly global concern. That recognition has driven international cooperation among the world’s governments, best exemplified by early agreements like the Budapest Convention on Cybercrime, and supported by more recent measures, like the Obama Administration’s Executive Order promoting the sharing of private sector cybersecurity information.

These efforts aim to protect consumers and businesses in developed nations, by building up capabilities and shoring up vulnerabilities in both developed and developing countries. After all, cybercriminals often operate more freely in less-regulated, emerging economies.

But, not all international initiatives succeed. In fact, nations like China, Russia and India have bristled at the terms of agreements like the Budapest Convention, preferring to keep their policies, capabilities and vulnerabilities closer to the vest.

So, while some global efforts are succeeding in identifying and bridging cybersecurity gaps – this paper by the non-profit Third Way captures the latest successes and challenges – American businesses still face a digital environment fraught with danger.

As a business owner, you can appreciate the gains made by global cybersecurity cooperation. But, at the same time, you must also do everything you can on your own to secure your digital assets.

Protecting Your Business From International Cybercrime

There are a number of things you can do to minimize the chance of being victimized by international cybercriminals. This article from The SSL Store outlines a detailed, robust 9-step guide for cybercrime prevention:

  1. Follow industry best practices (GDPR, NIST, HIPAA, PCI SSC)
  2. Implement digital and physical security measures (antivirus, firewalls, etc)
  3. Keep up with asset lists, patches and software updates
  4. Manage SSL/TLS certificates and keys for your domain
  5. Train employees to identify threats and take appropriate and immediate action
  6. Implement email security solutions and run your employees through phishing simulations
  7. Monitor traffic and access to increase transparency
  8. Test and assess your systems regularly
  9. Develop, implement and enforce new security policies often

This is a great, comprehensive list. The only problem is, it’s impossible to implement all of these recommendations for most small businesses. If you have the budget for a robust IT team, yeah, you can handle most of this in-house. But, most small businesses run a shoestring IT operation with one, maybe two, people.

So, What Can Small Businesses Do To Prevent International Cybercrime?

If you’re a small business, a more reasonable technical solution may be to simply wall yourself off from countries known to host a large number of cybercriminals. If you don’t do business in places like Russia, China, Brazil, or any other country from which a large number of cyberattacks are known to originate, then there’s no reason to leave yourself exposed to bad actors in those locales.

One solution we’d recommend is the SonicWall Geo-IP Filter. Configuring the filter is relatively straightforward and easy. If you don’t do any international business at all, you can simply block all international traffic and call it a day. If, on the other hand, you have a few international markets where you’re active, you can set up the filter to allow connection from just those countries.

But, what if you have a substantial number of customers in some of those less-regulated countries? For this scenario, you can create a “white list” of IP addresses that belong to your clients and you know are safe, and still block traffic from everyone else.

One word of caution: the Geo-IP Filter may not protect your network from VPN connections. VPNs are used to route internet traffic through one or several servers located in different parts of the world, masking the true origin of the user.
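The decision logic described above (country rule, client allow list, and the VPN blind spot) can be modelled in a few lines. This is an added example, not SonicWall configuration or code from the original post; the GeoIP table, the function names and the order in which the rules are checked are assumptions made for illustration.

```python
import ipaddress

# Constructed GeoIP table built on documentation ranges (RFC 5737); the
# country codes are assigned here purely for illustration.
GEO_TABLE = {
    ipaddress.ip_network("192.0.2.0/24"): "US",
    ipaddress.ip_network("198.51.100.0/24"): "RU",
    ipaddress.ip_network("203.0.113.0/24"): "BR",
}
ALLOWED_COUNTRIES = {"US"}  # markets where the business is active
CLIENT_ALLOW_LIST = [ipaddress.ip_network("203.0.113.10/32")]  # known client

def country_of(addr):
    """Look up the country recorded for an address, or None if unlisted."""
    for network, country in GEO_TABLE.items():
        if addr in network:
            return country
    return None

def decide(source_ip):
    """Return (action, reason) for one inbound connection."""
    addr = ipaddress.ip_address(source_ip)
    # Assumption: the client allow list is consulted before the country rule.
    if any(addr in net for net in CLIENT_ALLOW_LIST):
        return ("allow", "client allow list")
    country = country_of(addr)
    if country in ALLOWED_COUNTRIES:
        return ("allow", "country " + country)
    # Assumption: addresses with no GeoIP entry are blocked by default.
    return ("block", "country " + (country or "unknown"))

if __name__ == "__main__":
    samples = {
        "192.0.2.25": "domestic visitor",
        "203.0.113.10": "allow-listed client in a blocked country",
        "203.0.113.99": "other host in the same blocked country",
        # The filter sees only the VPN exit address, so a user located
        # elsewhere who exits through 192.0.2.77 is treated as US traffic.
        "192.0.2.77": "VPN exit node hosted in an allowed country",
        "10.1.2.3": "no GeoIP entry",
    }
    for ip, note in samples.items():
        print(ip, decide(ip), "-", note)
```

The `192.0.2.77` case is why geo-blocking reduces exposure but does not replace authentication, patching and monitoring on the services behind the filter.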

Beacon Knows Cybersecurity

Want some expert help setting up the Geo-IP Filter, or implementing any other cybersecurity measure? BITS is here to help. Give us a call today.

By | 2020-09-22T12:27:02+00:00 November 19th, 2019|IT Services|

The Scary Interwebs: Top Cyber Security Threats in 2019

Big plans for Halloween this year?

The October 31st holiday is an annual pilgrimage to the Altar of the Sweet Tooth for the kids. For adults, on the other hand, the celebration is closer to a fetishization of all things horrifyingly scary.

If you’re a small business owner, or an executive tasked with keeping your company’s digital infrastructure and business data safe, however, you might be forgiven for wanting to skip the terror-fest this year. Why? Because the number and variety of cyber threats just keeps increasing exponentially, year after year, making every day Halloween.

A few obligatory frightful statistics to ponder:

  • A hacker attack on an internet-connected computer or device occurs every 39 seconds.
  • Depending on who you ask, anywhere between 43% and 50% of cyber attacks target small businesses specifically. Oh, and small businesses typically invest less than $500 on cyber security.
  • Despite the prevalence of cyber crimes and the attention they receive, only about 10% are actually reported – meaning that the statistics above and below may represent the low end of the possible threat spectrum.
  • Some off-the-shelf hacking tool kits are available for purchase for as little as $1.
  • Roughly three out of four organizations lack even a basic cyber security incident response plan.
  • A data breach can often go nearly six months before being detected – and this is true for your financial institutions (Capital One), credit monitoring agencies (Equifax) and even the big boys in tech (Facebook).

What new and potentially devastating cyber threat trends emerged in 2019? Let’s take a look.

Cloud Computing Infrastructure Exploitation

Over the last several years, cloud data storage has become big business, and a popular method of managing your company data. However, non-secure sign-up processes, ease of use and low costs make cloud providers targets for all sorts of nefarious actors.

“Hackers have been found using cloud services to mask their identities while carrying out attacks. We have seen hackers exploiting and abusing popular cloud-based services such as Google Cloud Platform, Microsoft Azure, Asus Cloud, Google Drive, Dropbox, and others to fool their victims. Hackers may use these services to spread malicious code or distribute macro-laden documents and spreadsheets or use them as command and control servers. Hackers were also found using cheap cloud services to host their entire DDoS and brute force infrastructure, and then targeting users and other cloud providers.” – TechGenix

Mobile Fraud

As more and more financial transactions are being initiated on mobile devices, cybercriminals have shifted their exploits to the apps supporting e-commerce.

“Today, mobile fraud is outpacing web fraud. More than 60% of fraud originates from mobile devices. It used to be mobile browsers that were fraud heavy, but now 80% of mobile fraud comes from mobile apps.” – RSA White Paper

Blockchain Privacy Poisoning

Just last year, blockchain technology was being hailed as the most secure method of encryption. How quickly things change.

Hackers have found a way to turn legislation aimed at protecting online consumers – GDPR – into an exploit through what’s now being called “privacy poisoning.”

“The term […] refers to the insertion of personal data into a public blockchain, thereby making that blockchain non-compliant under the European General Data Protection Regulation (GDPR). According to the GDPR, all individuals have ‘the right to be forgotten,’ so you can immediately see why blockchain technology represents such a problem: by their very nature, blockchains are meant to be completely unchangeable and immutable. So this naturally creates a paradox for organizations: you have personal data ‘on chain’ that cannot be altered, and you simultaneously have the right of individuals to change, alter or delete their data at any time. Personal information cannot be deleted without compromising the chain.” – CPO Magazine

Software Supply Chain Attacks

Not only are hackers targeting cloud networks and mobile banking apps, they’re also going after the source code via software supply chain attacks.

“Attackers hunt for unsecure network protocols, unprotected server infrastructures, and unsafe coding practices. They break in, change source codes, and hide malware in build and update processes.

Because software is built and released by trusted vendors, these apps and updates are signed and certified. In software supply chain attacks, vendors are likely unaware that their apps or updates are infected with malicious code when they’re released to the public. The malicious code then runs with the same trust and permissions as the app.” – Microsoft 

DDoS

Distributed denial of service (DDoS) attacks – flooding a targeted website with an overwhelming amount of traffic – are nothing new. In fact, it’s one of the oldest methods of carrying out cyber warfare.

DDoS attacks were on the decline as recently as 2018. But that trend appears to be over, as Kaspersky Lab notes:

“Last year the number of DDoS attacks was constantly falling, leading Kaspersky Lab experts to assume that cybercriminals who had been conducting DDoS attacks for financial gain had shifted their attention to other sources of income (such as crypto-mining). However, statistics for Q1 2019 contradict this trend and show that the number of DDoS attacks blocked by Kaspersky DDoS Protection has actually grown by a staggering 84%, when compared to Q4 2018. This figure could indicate that such attacks were still in demand, despite being inaccessible when popular DDoS marketplaces were taken down. Once new DDoS-for-Hire websites launched, the number of attacks grew exponentially as a result.”

Beacon Knows Cyber Security

Want to make sure your business is protected from the latest hacker exploits? Beacon is here to help. Give us a call today.

By | 2020-09-22T12:27:02+00:00 October 24th, 2019|Computer Related, IT Services|