How To Protect Your Business From Costly Ransomware Attacks

It’s never good news when cybersecurity is in the news. Unfortunately, that’s certainly been the case this year, as story after story has emerged of cyber attacks and hacks crippling major corporations and utilities. The ransomware attack that halted Colonial Pipeline, hiking prices and causing gas shortages on the East Coast, was one of the most well-known recent incidents, but certainly not the only one: hackers also targeted food suppliers, insurance companies, communication companies, and many more. Indeed, Cybersecurity Ventures predicts that businesses will be attacked by ransomware every 11 seconds by the end of 2021.

Though that particular estimate is on the higher (and more alarming) end, there’s no question that cybersecurity is an absolutely essential part of any responsible business’s IT agenda. If you run or work for a small business, you may not be a target of the multi-million dollar schemes affecting some of the major, international corporations, but you are still at risk. There’s no need for panic though. With a few precautions, you can make sure your business is protected.

Why Ransomware Attacks Are So Common Now

To begin understanding how you can protect your network, employees, and business, it’s important to understand what exactly is happening.

To start, let’s look at exactly what a ransomware attack is. Essentially, ransomware is malicious software (or malware) that infects a computer or network, taking control and restricting access to files and programs. The only way for the system’s owner to regain control and keep their data from being destroyed or publicly leaked is to pay a ransom to the malware’s creators.

Lately, attacks like this have gotten more frequent. Many experts and observers agree that this is most likely a side effect of the COVID-19 pandemic.

Why? Due to the pandemic, many workers transitioned from working in offices every day to working from home. Unfortunately, many also began using unsecured remote networks to do their work, opening themselves up to attack.

At the same time, hackers took advantage of the fear and uncertainty bred by the pandemic to start sending out targeted phishing emails. Using subject lines with topics related to coronavirus prevention and safety measures, these emails, often falsely attributed to reputable sources like the World Health Organization or the Center for Disease Control, tried to dupe worried readers into surrendering important data and credentials. Sometimes it worked.

How You Can Keep Your Network Safe

Even as we better learn to battle COVID-19 and life returns to something closer to normal, the threat of ransomware attacks persists. Fortunately, protecting against them is not as difficult or complicated as it may seem.

Here are three steps to take:

1. Enlist the aid of managed services pros

To start, one of the key things to remember is that you don’t have to fight this by yourself. Partnering with a trustworthy and proven network management team like the experts at Beacon IT Services (BITS) can go a long way towards securing your network and your data. (Not to mention all of the other benefits of our services, including cloud migration, data recovery, and general systems maintenance.)

2. Set up a VPN

Next, your BITS team will work on securing your remote network. In most cases, that will mean setting up a virtual private network (VPN) for you and your team to work on. VPNs offer the security and function of a traditional, hardwired private network while still allowing users to access it remotely. BITS partners with SonicWall to offer a variety of secure and reliable VPNs that will secure your network.

3. Prepare your team to spot scams

You also must train your employees to recognize the signs of potential phishing emails. From keeping an eye out for suspicious and overly complex email addresses to unusual requests for social security numbers, credit card info, and other sensitive data, there are some simple things employees should always watch out for. Your IT expert can provide info on essential best practices and can offer recommendations on valuable services like KnowBe4 if more in-depth anti-phishing measures are required.
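The warning signs named above can also be checked mechanically before a message reaches an employee. The following is an added example, not code from BITS or KnowBe4: it flags a sender whose display name claims a well-known organization while the address belongs to another domain, an overly complex address, and a request for sensitive data. The brand list, thresholds, keywords and sample messages are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands this business expects to see impersonated, mapped to
# the domain their genuine mail comes from.
TRUSTED_SENDERS = {
    "world health organization": "who.int",
    "centers for disease control": "cdc.gov",
}
SENSITIVE_REQUEST = re.compile(
    r"social security number|\bssn\b|credit card|card number|password", re.I)

# Constructed sample messages (not real mail).
SPOOFED = """\
From: "World Health Organization" <safety-update-8841927@mail.secure.who-int.alerts.example>
To: staff@smallbiz.example
Subject: COVID-19 safety measures: action required

To receive your prevention kit, reply with your Social Security number
and credit card details.
"""
LEGITIMATE = """\
From: "World Health Organization" <newsletter@mail.who.int>
To: staff@smallbiz.example
Subject: Weekly situation report

The weekly situation report is now available on our website.
"""


def domain_matches(domain, trusted):
    """True if domain is the trusted domain or one of its subdomains."""
    return domain == trusted or domain.endswith("." + trusted)


def looks_overly_complex(address):
    """Assumed thresholds: long or digit-heavy local part, or deeply nested domain."""
    local, _, domain = address.partition("@")
    digits = sum(ch.isdigit() for ch in local)
    return len(local) > 30 or digits >= 6 or domain.count(".") >= 4


def triage(raw_message):
    """Return the warning signs found in one raw (non-multipart) e-mail message."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    address = address.lower()
    domain = address.rpartition("@")[2]
    findings = []
    if any(brand in display.lower() and not domain_matches(domain, trusted)
           for brand, trusted in TRUSTED_SENDERS.items()):
        findings.append("display-name-spoof")
    if looks_overly_complex(address):
        findings.append("complex-address")
    body = msg.get_payload()  # a list for multipart mail, which is skipped here
    if isinstance(body, str) and SENSITIVE_REQUEST.search(body):
        findings.append("sensitive-data-request")
    return findings


if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legitimate", LEGITIMATE)):
        print(name, triage(raw))
```

A message that trips none of these checks can still be a scam, so a filter like this supplements employee training rather than replacing it.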

BITS will also install powerful firewalls and anti-virus software on your network to keep it safe from other threats. Our 24/7 network monitoring also allows us to identify any issues as they arise—before they become a problem for you and your business.

Don’t Fall Victim to Ransomware: Contact BITS Today

Don’t waste time: contact us now to get to work on securing your network.

If you already partner with us, don’t hesitate to reach out if you have concerns about your security. We’ll work with you to make sure everything is secure and that you have the best protection possible.

By | 2021-07-23T07:32:09+00:00 June 24th, 2021|System Administration, Cyber Security, IT Services|

Lessons in Cyber Security & Threat Prevention

Atlanta Ransomware Attack

The ransomware attack that took hostage a number of vital computer systems in Atlanta last month wreaked havoc on residents and sent the city’s administration scrambling. What can we learn from the situation?

Considering that city officials were aware as early as last summer that “severe and critical vulnerabilities” existed within the municipality’s computer network, the biggest takeaway is: DON’T WAIT to shore up your cyber security.

We’re not in the business of beating dead horses. And, surely, Atlanta officials have their hands full orchestrating the recovery from the attack and trying to return vital operations back to normal. Nonetheless, the fact that a 2017 internal city audit revealed an utter lack of preparedness to manage any sort of cyber threat should not go unmentioned.

What that means is the March 22 attack wasn’t a technology problem. As with most hacking efforts, it’s not the code that sinks you – it’s the human element that’s exploited for criminal gain. In this case, the human element was the inability of city administrators to respond to known threats. Not only was the city not equipped to handle an attack on its networks, it also didn’t have a proper response plan ready.

The number of ransomware attacks spiked sharply in the last year. So, if you don’t have an updated plan for your organization’s network security, you may very well be the next target of SamSam – the group responsible for the Atlanta situation – or another criminal outfit.

The good news is that there’s an army of cyber security professionals who are very skilled at crafting customized solutions. We, at Beacon, have been good at it for quite a while.

Protection Through Prevention

The best way to avoid a ransomware attack is to make sure that your network has a sufficiently strong firewall in place. A firewall identifies incoming web traffic and filters any suspicious or unapproved activity. The effectiveness of any firewall depends on how well it is configured. Typically, large networks require complex firewall configurations and a team of IT specialists for maintenance and monitoring.

Firewalls are great at protecting against known threats. However, new hacking techniques are developed every day. To defend against these zero-day exploits and other sophisticated attacks, IT pros deploy advanced automated audits that boot the threat off the targeted network. About 80% of current Beacon clients rely on this type of advanced protection. And, ideally, that number would be 100%.

Of course, even the most well-designed security setups can be breached. Criminal hackers know that people are the weakest link in network security and design attacks to take advantage of unwitting network users. (There’s that human element again.) However, the odds of such attacks succeeding are low if your organization takes security awareness training seriously. Security seminars should be made available to every person on staff, and be repeated at least once every three years.

Recovery: It’s Good to Have a Back-Up Plan

Let’s be honest – sometimes hackers succeed even when you’ve done everything right. If that happens, you don’t want to find yourself in the same position as the folks in Atlanta. Backing up your network will protect you in case of a catastrophe.

While the concept is simple, data backup is actually a fairly complex process that takes considerable forethought. You’ll need to decide how often your network needs to be backed up (hourly, daily, weekly, etc.). You’ll also have to examine how long your organization can go without access to your data.

A busy medical center, for example, would need to have its data backed up hourly to capture changing patient statuses, doctor’s orders, prescriptions, etc. With lives at stake, it would also be imperative to restore access to that data as quickly as possible.

Organizations that don’t deal with life and death issues would probably have less stringent requirements for their data protection plan.
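The two decisions above are commonly called the recovery point objective (RPO, how much recent data you can afford to lose) and the recovery time objective (RTO, how long you can go without access); the page itself does not use those terms. The following added example, not BITS tooling, checks a backup history and a timed restore test against both targets. All timestamps, targets and restore durations are constructed.

```python
from datetime import datetime, timedelta


def exposure_windows(backup_times, rpo, now):
    """Return (start, end, gap) for each stretch longer than the RPO with no
    completed backup, including the open stretch from the last backup to now."""
    points = sorted(backup_times) + [now]
    return [(a, b, b - a) for a, b in zip(points, points[1:]) if b - a > rpo]


def assess(backup_times, rpo, rto, measured_restore, now):
    """Compare backup history and a timed restore test against the targets."""
    if not backup_times:
        # No backup at all: the data-loss target cannot be met.
        return {"rpo_met": False, "rto_met": measured_restore <= rto,
                "worst_gap": None, "violations": []}
    points = sorted(backup_times) + [now]
    worst_gap = max(b - a for a, b in zip(points, points[1:]))
    violations = exposure_windows(backup_times, rpo, now)
    return {"rpo_met": not violations, "rto_met": measured_restore <= rto,
            "worst_gap": worst_gap, "violations": violations}


# Constructed history for the medical-center case: hourly target, but the
# 11:00 and 12:00 jobs did not complete, and the last restore test took 45 min.
CLINIC_BACKUPS = [datetime(2024, 1, 8, hour) for hour in (8, 9, 10, 13)]
CLINIC = assess(CLINIC_BACKUPS,
                rpo=timedelta(hours=1), rto=timedelta(minutes=30),
                measured_restore=timedelta(minutes=45),
                now=datetime(2024, 1, 8, 13, 30))

# Constructed history for an office that accepts losing up to a day of work.
OFFICE_BACKUPS = [datetime(2024, 1, day, 2) for day in (8, 9, 10)]
OFFICE = assess(OFFICE_BACKUPS,
                rpo=timedelta(days=1), rto=timedelta(hours=8),
                measured_restore=timedelta(hours=3),
                now=datetime(2024, 1, 10, 18))

if __name__ == "__main__":
    for name, result in (("clinic", CLINIC), ("office", OFFICE)):
        print(name, "RPO met:", result["rpo_met"], "RTO met:", result["rto_met"],
              "worst gap:", result["worst_gap"])
        for start, end, gap in result["violations"]:
            print("  no backup between", start, "and", end, "(", gap, ")")
```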

We’re Here to Help

Have questions about your company’s cyber security? Give BITS a call at 336.546.6660, and we’ll be happy to talk to you about your concerns and data protection needs.

By | 2018-04-12T11:22:11+00:00 April 12th, 2018|IT Services|

What to do if Your Business is Victimized by Ransomware

Your computer is acting funny. You can’t access certain files. Then, you receive a pop-up message. You read the message only to learn that your data has been encrypted and you no longer have access to it – UNLESS you send a large wad of cash to the hijacker in unmarked bit-bills.

Unfortunately, bitcoin payments don’t arrive with dye packs that blow up on delivery. So, how do you get access to your data? What do you do when your business has been attacked by a hacker with ill intent?

Step One: Don’t panic.

First and foremost, remove the infected computer from your network.

Before complying with any demands, you may wish to verify the existence of malware. Hackers have been known to create threats that aren’t really there, all for the express purpose of extorting money from you. The hope is that you never actually check to verify that a threat really exists. Hackers rely on you to panic and pay the fee without thinking. So, take a deep breath and…

Step Two: Run an anti-malware scanner to check for an infection.

Reboot your computer and run it in safe mode. This will enable you to run your anti-malware software. If the ransomware is fairly innocuous, your anti-malware software will be able to remove it. Once you know that’s the case, there’s no harm and no reason to pay the hacker. Then, your next step is to…

Step Three: Develop a prevention strategy so that you won’t have to go through this again.

Call the IT experts at Beacon and we’ll check your network for other vulnerabilities. We’ll copy your hard drive, desktop files and applications and install a backup system that protects you from future malware attacks.

If you’re unable to remove the insurgent threat, you should attempt to…

Step Four: Identify the ransomware.

If the anti-malware application will not remove the threat, your next step is to identify the ransomware. You can do this through ID Ransomware. Upload the ransom note, forward a file that cannot be opened or simply input an email address from your network. This free website can often identify the ransomware that has encrypted your data.

If ID Ransomware fails to identify the ransomware type, there are decryption tools that may be able to help you unlock your files. There are decrypters available to combat ransomware such as Locky, HydraCrypt, CryptoLocker, and Petya. You’ll be taking a shot in the dark so to speak, but if you hit on the right one, you’ll be able to unlock your files.

If not, we suggest that you…

Step Five: Go Back to Step Three and Call Beacon

By now, you may have decided to pay the ransom. While we don’t recommend doing so, only you know what this ordeal is costing you in lost revenue and/or reputation. If circumstances dictate it, one cannot be blamed for protecting one’s customers by paying the ransom. However, the IT team at Beacon can put the kind of prevention plan in place that best fits your needs and budget, protects you and your customers, and prevents the same kind of mishap from ever happening again.

Get a free assessment of your network. Contact me directly or speak with a member of our IT team at 336-447-3379. We’ll make sure you’ve got the necessary system in place to protect you from ransomware threats so that you can focus on your core business.

By | 2018-03-13T06:50:05+00:00 March 12th, 2018|IT Services|

Crypto Currency: Ransomware & Your Vulnerability

Crypto mining is not against the law, nor is it a nefarious activity. At least not most of the time. But in order to fully understand why crypto mining can be a problem, we need to start from the beginning.

Our story starts with the creation of a crypto currency called “Bitcoin”. Like PayPal, Bitcoin is an online transaction system. Unlike PayPal, Bitcoin is decentralized or “open source”. In other words, it’s open to all users, meaning any developer can modify the code that makes the software do what it does. However, all modifications must pass muster with the software’s lead developer, Gavin Andresen.

With PayPal, each transaction is authenticated by a single authority or custodian. By contrast, Bitcoin uses something called a blockchain. A blockchain is a public record sent to everyone in the network. When a transaction occurs, the computers in the network automatically adjust the balances of the addresses involved in the transaction. The beauty of this system is that it’s impossible for anyone to edit and makes for a permanent record of the transaction.

What Crypto Miners Do

Crypto miners are computers along that chain. Their sole purpose is to donate their processing power, enabling verification of transactions included in the current “block”. Once that is complete, a new block is created and a new public record is distributed. In exchange for use of their CPU power, crypto miners receive 12.5 Bitcoins for every ten minutes of processing power.

Being that crypto mining is computationally intensive, it requires resources that far exceed your average laptop computer (although in Bitcoin’s infancy, that wasn’t the case). It requires dedicated processors, graphic cards and more. There is overhead involved in mining currency.

Cryptocurrency Malware

As a way to circumvent these costs, disreputable miners developed malware that can imitate the botnets that normally perform this function. This malware can hijack your CPU and slow everything down – sometimes to a halt. Delivery of crypto malware can occur through all of the usual means – spam emails, links and unwanted applications.

And then there’s Ransomware

This same malware can present itself in the form of ransomware. Ransom is always requested in Bitcoin or any of the other 700+ cryptocurrencies around today. The reason for this is simple. Cryptocurrency works with complete anonymity. You can’t trace the sender or the receiver.

Develop a Plan

At Beacon, that’s what we do. As IT professionals, we work with you to ensure the safety and security of your online business. Get a free website security assessment or contact us at 336.447.3473 with any questions regarding your business’s IT needs. Together, we can develop a prevention plan that’ll keep your proprietary information in and cyber criminals out.

By | 2017-12-11T11:36:53+00:00 December 8th, 2017|IT Services|

Do Your Employees Hide Cybersecurity Incidents?

While advanced hackers may use malware, they often start by attempting to exploit the easiest point of entry. This typically includes phishing emails similar to the Google Docs email link that had Google on its toes recently.

If your employees leave events such as this unreported, the consequences could be devastating to your cybersecurity. With that in mind, let’s discuss some things you can do to mitigate your company’s exposure. From office culture to properly managed hosting, there are steps you can take to prevent a cybersecurity meltdown.

Is this problem unique to small business?

In fact, businesses of all sizes experience vulnerability from within. A recent report indicates that while roughly 40% of employees working with medium-size companies hide incidents, the percentage drops significantly with companies of under 50 employees. This makes a great deal of sense. Here’s why.

Office culture plays a significant role in incident disclosure.

A smaller staff generally means a more easily controlled office culture. There are fewer people to educate or inform. This becomes evident when one looks at businesses of fewer than 50 employees. Here, the incident rate drops to roughly 30%.

The message one conveys to office staff is of paramount importance. It should be one of education, not punishment. Ask yourself why employees hide a potential breach. The answer is simple. Fear. If an employee is threatened with termination for such a mistake, it is clearly in their best interests to sweep it under the rug.

To summarize, take an educational approach to your cybersecurity office culture. Emphasize responsibility while reducing fear of punitive consequences. You’ll be amazed at the difference it makes.

Take reasonable security measures.

Start with basic password protection. Require that users re-log in after periods of inactivity. Restrict use of the office network for business. File sharing of a personal nature or access to inappropriate content begs for a security breach. When working remotely, employees should be working through a company VPN requiring a robust password.

Make sure your security software is up to date.

Set up appropriate firewalls and make sure that your IT department or hosting partner has an intrusion detection and monitoring system in place. Make sure that they are staying on top of anti-virus updates and installing patches accordingly.

Questions about your company’s cybersecurity?

If cybersecurity is an issue you’re giving thought to, give the folks at Beacon a ring. Call one of our team members at 336.447.3473 or send me an email. Better yet, take our FREE network assessment and let us help you understand your current state of vulnerability and what you can do about it.

By | 2017-08-31T11:45:18+00:00 September 6th, 2017|IT Services|

Cybersecurity Threats & Trends

Despite significant investment in cybersecurity, businesses are seeing more cyber-attacks than ever before. Remember back to Black Friday, October 21. We saw the largest DDoS attack of its kind, bringing down sites such as Twitter, Netflix and CNN. And things are trending worse.

There were almost 1000 reported data breaches in 2016 according to the ITRC (Identity Theft Resource Center). In 2015, there were under 800. That’s about a 25% increase in reported incidents. Noting past threats and recognizing trends can be an important part in deterring future intrusions.

“Call now and we’ll send you a second set of ransomware free!!”

Almost 60% of ransomware infections were found to have been delivered through email and infected email transmissions increased by a whopping 6000% last year. Yes, that’s three zeroes.

Perhaps worst of all, many of those who were adversely affected simply considered it the cost of doing business. Nearly 70% of those hit paid the ransom. Look at these numbers (particularly the last one) and you can see why this will remain a problem. Hackers have every reason to continue a very profitable activity. There’s an underground market for open source ransomware, too.

In fact, anyone can build and launch ransomware from their own home. Buying a kit on the dark web is almost like shopping on late night TV. Yesterday’s ShamWOW is today’s AKBuilder ransomware kit. As a result, the threat of cyber-attacks has the potential to increase 10-fold in 2017.

Employee Error: Loose Lips Sink Ships

There’s a huge underground market for access to email accounts, phone numbers and private data, as we all know. Even on a locked iPhone, one can gain access through voice-activated commands.

Additionally, irresponsible use of mobile devices by employees continues to be a problem. Remember “jailbreaking” your iPhone? Some of those who chose to do so unwittingly sent their personal information to a server in China. Even foreign governments are in the hacking business.

What kind of name is Siri, anyway? Does she sound American?

“Hacktivism” is Here to Stay

If you run almost any kind of business, you may be in the crosshairs of a group representing a cause or political objective. These groups are becoming increasingly hostile towards those with alternative viewpoints and have been embracing the idea of hacking the sites of their adversaries.

We’re all familiar with WikiLeaks and the CIA debacle. One can debate whether the cause is good or bad. One cannot (or should not, in my view) condone cyber theft under any circumstances. But as a society, we often look the other way when it suits us. As long as that’s the case, this problem will persist.

The Last Word

If you’re in the process of evaluating your network security and/or stability, I invite you to contact Beacon directly and speak with a BITS specialist. We’re happy to answer any questions and get you started on protecting your business’ proprietary information. Call us at 336.232.5675 or email klackey@beacontec.com.

By | 2017-08-21T09:12:22+00:00 August 21st, 2017|IT Services|