cybersecurity

The Dark Web: What it is, how it impacts your organization, and ways to protect your business

October 19, 2018 by securewebsite

The Dark Web sounds like the name of Hollywood’s latest horror movie. In reality, it is something much scarier. It can rob your business, negatively impact employees, and shutter companies.
While you can’t see it, the Dark Web is a huge threat to the stability and continuity of business. Knowing what it is and why it is threatening is the first step to protecting what you have built with hard work and dedication. Here is what you need to know about the Dark Web, why it’s so dangerous, and ways to best protect your organization.

What is the Dark Web?
The Dark Web is the shady side of the World Wide Web. Digital communities on the Dark Web are accessible with special software that allows users and those operating dark websites to remain anonymous and untraceable. While it offers some legitimate uses, it is estimated that more than 50 percent of all sites on the Dark Web are employed in criminal activities. This can mean everything from the theft of digital credentials to their disclosure through sale.

Your Credentials
Digital credentials such as usernames and passwords keep you and your employees connected to critical business applications, email, and other online services. Criminals know that if they can get those credentials, they can access everything from your business’s list of clients to your trade secrets and funds. This means digital credentials are some of the most valuable pieces of information floating around the Dark Web.

Credential Theft
Criminals steal credentials from login information for social media platforms such as Facebook to dates of birth and credit card numbers. The problem is that many individuals and companies often fail to realize their credentials have been stolen until it’s too late.

In more than 75 percent of cases, it is law enforcement or another third-party that notifies a victim that something is amiss. By then, it’s usually too late to prevent data theft or a serious breach that could stop your company in its tracks, lead to a loss of customers, or even bankrupt your business.

Human Resources and Payroll
Your business relies on its human resources and payroll department(s) but these valuable individuals are some of the biggest risks to your organization’s digital security. When they utilize their work email to access websites and programs such as ADP, Paychex, and Ceridian, it can open the door for criminals who have stolen their credentials.

Cybercriminals can use their stolen information to heist the personally identifiable information (PII) of other employees, access payroll information, and even steal from the company coffers. Such breaches can also lead to other criminal activity such as the identity theft of employees or customers.

Client Relations Management
The client relations management (CRM) tool your business uses allows you to communicate seamlessly with your customers. This is great for your business and it’s great for cybercriminals, too.
Pretend for a moment that you have used the same password for your eBay account as you do for your business’s HubSpot. If a hacker steals your eBay credentials, they can access your business’s HubSpot. They can now send an email to your clients pretending to be you. The hacker can ask your clients for anything they want from money to their PII. This can ruin your name and reputation with your clients and within your industry as well as that of your company.

Communications
Another risk lays in your company’s communications from Verizon to Adobe and T-Mobile. For example, if someone wants to hack your AT&T account, they may be able to reveal your payment information from a bank account or credit card. Now they have access to your accounts and can steal money from you and/or your business. Using your mobile number, they can also spoof text messages, reset your bank account password, and access your cash as well as other websites, social media platforms, and other apps you utilize.

Business tools such as email services can also become hacked with the theft of employee credentials. Whether your company uses Gmail, Yahoo, or Office365, these are all hackable. Once someone has access, they can send spoofed emails to clients pretending to be you or an employee asking for more information or even money.

Collaboration
While collaboration among employees, contractors, and vendors is typically considered a positive attribute in business, it can also put your organization at risk. Many individuals and businesses today use Dropbox as a great method of file sharing and collaboration. Such files often contain a plethora of valuable information including trade secrets, PII, and client data. A hacker can use this information to spoof emails, gather data from clients, and target them as their next victims.

Travel Services
If your business employs a travel service to help them get from point A to point B, this can be another security risk. Companies such as Expedia, Travelocity, and Orbitz typically store your credit card information along with other PII that can be devastating in the event they are breached.

Be sure to employ different login credentials for each of these websites to best protect yourself and your business. Use multi-factor authentication if it is offered and don’t store your billing information with these sites if given this as an option.

E-Commerce
Whether your company orders office supplies online from Staples/Office Depot or your business sells products through Amazon/eBay, this is yet another area of risk. Again, stolen credentials can allow for the theft of PII and access to financial information that can drain your bank account before you realize what has happened.

Banking & Finance
Programs such as QuickBooks or Freshdesk or banking apps from financial organizations such as Bank of America or Wells Fargo can also lead to problems when it comes to credentials. If a hacker steals access to your bank accounts, credit cards, or financial programs, it can be truly devastating for your business.

Imagine having all of your accounts wiped out. How will you pay your employees, cover your business mortgage, or pay out contractors? Once the money is gone, the likelihood you will ever see it again is minimal, as hackers can be very difficult to trace and, even if you do get it back, how will you cover your business expenses in the meantime?

Social Media
If your employees or business are on social media, which most are, this can put your business at higher risk for a breach. Pages on social media can be easily spoofed or copied. A cybercriminal can invite your friends and followers, steal their information, and worse. This can ruin your reputation whether the hacker takes an unpopular political stand on the false page or accesses more people to victimize through spoofing of their personal or business pages.

Other Employee Risks
In addition to the threat of employees having their work credentials stolen, their personal credentials can also put your business at risk if they end up in the wrong hands. For example, if an employee uses their LinkedIn credentials such as their username and password for work in QuickBooks, they can expose your company to a breach. Employees should be trained to use unique usernames and passwords for each program, app, and website they use. This is true not just for work but also for their private internet use as well.

While it can be cumbersome to keep track of different usernames and passwords for each website or app they use, there are password management tools such as MyGlue or LastPass that can keep track of them all. While some of these password management programs are free, some do have a minimal cost associated with them. Remember, you get what you pay for in business. Some of the free apps are poorly encrypted locally on your own device so if you get hacked, the bad guys will still have access to your information. We advise working with a larger company so you know they have the manpower and ability to keep your information safe and secure.

Users often have the same password for multiple services such as network logons, social media, and online stores. This greatly increases the potential for a breach. Train and retrain your employees on cybersecurity. It is worth the investment as is paying a small annual fee for a secure password management tool. Consider this well spent money as an operating expense just as you do with your marketing budget.

Combating the Dark Web
At Oram, our experts are able to search the Dark Web so you don’t have to. Using Dark Web ID from ID Agent, our experts search for your personally identifiable Information (PII) on the Dark Web to determine if you are at risk of experiencing a breach. This gives you time to protect your information, notify your bank or lender, and change passwords before you experience a breach.

How Dark Web ID Works
Dark Web ID is a commercial solution to detecting compromised credentials in real time on the Dark Web. It offers the same advanced credential monitoring capabilities that are employed by Fortune 500 companies. This specially designed software connects to multiple Dark Web services including Tor, I2P, and Freenet where it searches for compromised credentials. With this proprietary software, you don’t have to expose your own software, hardware, or network to these high-risk services directly.

By searching the most secretive and covert corners of the internet, Dark Web ID locates compromised credentials associated with your business, contractors, and personnel. If we find credentials that compromise your company, we notify you immediately BEFORE you become the victim of identity theft, data loss, or a breach. The real-time awareness of compromised credentials Dark Web ID provides means you will know if your PII has been stolen so you can safeguard both your personal and business assets before it’s too late.

Be Prepared
The more information you have, the more valuable it is and the more prepared you can be. We employ extensive logging and reporting capabilities that allow us to track your credentials and the credentials of your employees on the Dark Web. As a result, we can triage incidents quickly and create effective policies and procedures to reduce the risk to your business.

How It Helps Businesses
We use the Dark Web ID as a tool to identify compromises throughout your organization that could put your company at risk for a data loss or major breach. With this software, we are able to monitor the Dark Web 24 hours a day, seven days a week, 365 days a year. It is so effective, it reports more than 80,000 compromised emails daily. In addition to email, the program searches and monitors the following platforms frequented by cybercriminals:

• Hidden chat rooms
• Private websites
• Peer-to-peer networks
• Internet relay chat (IRC) channels
• Social media platforms
• Black market sites
• 640,000+ botnets

Predictable Patterns
While it is good practice to be prepared for a breach, it’s even better to have a warning that one could be coming. Using Dark Web ID, we can identify industry patterns. If we see that your industry is starting to come under attack, we can share that intelligence with you to best protect your employees, your business, and your consultants.

Prevention is the Best Medicine
While a network attack may be inevitable, they can be made less destructive and costly. With proactive monitoring of stolen and compromised credentials, you can be alerted to prevent losses before they happen. With alerts that tell you when your credentials have been stolen, you can respond immediately to prevent a breach.

By employing monitoring services and software such as Dark Web ID, your company can move toward compliance with data breach and privacy laws. Our experts can even help you develop and implement a data breach response plan.

If you would like more information about the Dark Web, Dark Web ID, or reducing cyber risks to your business, please call Oram today at (617) 933-5060 or visit us online.

October is National Cyber Security Awareness Month

October 9, 2018 by securewebsite

A look at cyber awareness and tips for protecting yourself online

Whether you are turning on the television, checking the daily newsfeed online, or reading a magazine, you’re sure to hear about the breach of a major business such as Yahoo, a data leak by the government, or hackers attacking a local school. Over the last two decades, cybersecurity has been legislated to protect consumers, businesses, and the government alike. There’s a need for greater awareness of cyber security and how people can best protect themselves and their businesses. That is the purpose behind National Cyber Security Awareness Month (NCSAM) which has been celebrated every October for the last 15 years.

The History of NCSAM
Developed as a collaborative effort between industry and the U.S. government, the purpose of NCSAM is to ensure every American has the necessary resources to stay safer and more secure online as well as advance awareness of the threats we all face when we log on. Launched in 2003, NCSAM was conceived by the U.S. Department of Homeland Security and the National Cyber Security Alliance.

According to the National Cyber Security Alliance, the goal was to reach as many people and businesses as possible to educate them about cybersecurity. The target audience consists of consumers, small and medium-sized business, corporations, educational institutions and young people across the country.

STOP. THINK. CONNECT.
This year marks the 8^th anniversary of the STOP. THINK. CONNECT.™ campaign used during NCSAM which offers tips and advice for everyone from the daily internet user to business owners.

The message to consumers of every age is clear. We are all warned to stop and think before connecting which means doing things to protect ourselves before we get online. We are warned to “Keep a Clean Machine,” “Protect Your Personal Information,” and “Connect with Care.” But what does all of this really mean?

Keep a Clean Machine
All of your internet-connected devices should be kept free of malware and other infections such as viruses as they can interrupt your connectivity at home and at work as well as spread to others. A dirty machine can also threaten your safety and the safety of others online. This is especially true when it comes to malware that connects your devices to botnets, which are networks of computers controlled by cybercriminals that can steal your information and make money from it.

There are several things you can do to keep a clean machine including:

Use the Latest Software– Ensure you have the newest security software, web browser and operating systems to offer the best defense against known viruses, malware, and other threats.
Automate Updates– Most software programs automatically update to defend against threats. Keep auto updates turned on and turn your computer off each night so updates will occur when you reboot.
Protect Every Device– In addition to computers, be sure to turn on auto updates for all devices including smartphones, laptops, and tablets.
Plug & Scan– External devices such as USBs can harbor viruses and malware. Use security to scan them before using.
Get Rid of Garbage– Delete links, emails, tweets, posts, etc. that look suspicious. These are ways cybercriminals compromise your computer. If it’s not from a trusted source, trash it. Don’t open it.
Hot Spot Smarts– Limit the business you conduct when away from your home or office. Be sure to adjust the security settings on your device to limit who can access it.
Act Fast– If you think your machine is infected, get help fast to remove viruses and malware before they can spread or cause more damage.

Protect Your Personal Information
Each one of us has the responsibility of protecting our personally identifiable information (PII) online. If your personal information ends up in the wrong hands, there could be serious consequences from a breach in your social media or theft from your business to your identity being stolen and your bank account being wiped out.

While you may have worked hard to protect that information, all of us must still assume our personal information has been leaked because hacks happen all of the time. Here are some tips for protecting your PII online from the New York Times:

Use Different Passwords– Across multiple sites from Facebook to your bank account, NEVER use the same password in more than one place. Doing this allows a hacker that gets your password in one place to use it in another. Password managers such as 1Password or LastPass can help you keep track of them all.
Never Your Social- Never use your social security number as a username or password. This is especially true in the face of the recent Equifax breach.
Be Suspicious- Treat everything online with an abundance of suspicion. Hackers send emails, notices, letters, etc. posing as people you know and businesses you solicit to gain information. Contact a business or individual requesting PII online by calling them directly before deleting the email as they may need it to press charges or stop the cybercriminal from targeting others.
Use Stronger Passwords- Sites such as LastPass can help you create unique passwords for each site you visit and save them for you in a protected database. If you create your own, be sure to use uppercase and lowercase letters, numerals, and special characters in each password.
Employ Extra Security- Passwords are not enough. If a site allows you to use secondary or two-factor authentication, enable those features. When you enter your password, you will receive a message with a one-time login code to allow you to finish logging in.

Connect with Care
Many web users are very quick to click whether it be on an email, a link, or an attachment. Slow down and take time to examine what it is you are about to click before you do so. Ensure you know who an email is from before opening it. If you don’t know the sender or aren’t expecting an email, delete it without opening it.

If you receive an email from a person or business you know and the email address looks familiar, feel free to open it. Once open, look at the email itself. Does it sound like it’s from the sender or does it seem odd? If the English is suddenly broken, the business logo is not right or is missing, or something else is off about the email, do not click on any links or attachments. Contact the person or business directly to see if they have sent you something via email.

Use care when connecting to public Wi-Fi. This is especially true if you are conducting business such as banking or shopping online. Use only trusted secure connections when using portable devices outside of the home or office.

Be Web Wise
Personal information about anyone is now easy to find online. This is especially true with the advent and use of social media. That means we all have to be wise when it comes to using the web. The first thing you should know is how your information gets online. Here are some ways you may inadvertently be sharing your personal information:

Posting on social media
“Checking in” through social location sites such as Foursquare
Commenting on blogs or shopping sites
Creating online wish lists online at sites like Amazon or Pinterest
Sharing videos or photos online
Using online games
Giving location data when uploading photos online

If you are on social media, check to see if you can change your privacy settings to limit what others can see about you or who has access to your information. Be sure to read the privacy policy of any company before sharing your information with them to ensure they don’t sell it to third parties. You’ll also want to ensure that your data is backed up at home and at the office in the event of ransomware, other cyber attacks, or even a computer shutdown.

Be a Good Online Citizen
Being a good online citizen involves employing the Golden Rule of treating others online the way you would like to be treated and using common sense. Don’t visit unsecured sites and don’t forward emails from unknown sources to others.

Be aware of how the action of one person can damage an entire online community. For example, one employee surfing unsecured sites through your business network can open the door for malware, viruses, and cybercriminals. Have common expectations in your home and office about what is an acceptable use of the network and what types of sites should be avoided.

Report cybercrime and breaches immediately. These should be reported not only to your internal technology personnel but to law enforcement as well. By reporting such issues, you are helping others avoid becoming victims, too, and stopping cybercriminals in their tracks.

Own Your Online Presence
This means safeguarding your own personal information and activity. For example, data should be treated like money. It should be protected. This means everything from your birthdate and personal address to the names of your children and pets which are often used as passwords. It can be easy for a hacker to get into your accounts with such personal information floating around on the web.

Be careful about who you share information with. For example, you may get “friend” requests from people you don’t know on social media. Simply delete the request. This is not being rude, it’s being prudent. Also, don’t send login information via email. Email can easily be hacked without the proper, updated security in place. If you get a request for information from a business online, call them to see if the request was really from them and provide any data they may need that way.

Lock Down Your Login
One of the main points of the STOP. THINK. CONNECT.™ campaign is to Lock Down Your Login. There are several ways you can ensure your login information stays secure. Here are six tips to get you there:

Protect accounts with strong authentication
Keep security software updated
Avoid phishing by thinking before clicking
Use unique passwords for every site
Protect your mobile devices
Employ trusted security tools

Our Responsibility
Staying safe online and protecting those we are connected with is everyone’s responsibility. Because the world has become so digital, we are more interconnected than ever before. From our desktops to our tablets, phones to laptops, we find ourselves working, playing, learning, and living online. That means all of us has a responsibility to try to stay as safe as possible by adhering to the advice of cyber experts.

National Cyber Security Awareness Month is a chance for us all to become more aware of the threats we face online and ways to protect ourselves and others. For more information, safety tips, and ways to get involved in NCSAM, visit the National Cyber Security Alliance online or contact Oram at (617) 933-5060.

Threats to business cybersecurity and a strategy for resiliency

October 4, 2018 by securewebsite

Imagine going into work, settling into your routine, and realizing you can’t access your email. You try refreshing your browser, logging out and then back in again, only to realize something malicious has happened. You start to panic. You can’t work, don’t understand how this could have happened, and wonder what the cost to your business will be.

Email is arguably the most vital tool used in modern business. It helps us communicate with our customers, collaborate internally, and keeps the information we need to move forward flowing like the blood in our veins. Without it, the livelihood of our business is at stake.

What has become the lifeblood of today’s businesses, Cybercriminals are using to become just as successful. According to the report The State of Email Security 2018 by Mimecast, email is the main way hackers initiate attacks to defraud businesses such as phishing scams, malware delivery (such as ransomware), and impersonation. As a matter of fact, the report shows a whopping 90 percent of global organizations studied in the 2018 report described consistency or rise in the number of phishing attacks experienced in the previous year.

BEC and EAC Threats
The 2017 Internet Crime Report issued by the United States Federal Bureau of Investigation’s Internet Crime Complain Center confirms email is a major target of bad actors. The report shows business email compromise (BEC) is a huge trend. This sophisticated scam targets organizations that frequently work with foreign suppliers and/or businesses and perform wire transfers on a regular basis. A variation of the threat, known as email account compromise (EAC) specifically targets individuals who regularly make wire transfers.

The FBI warns that though some businesses report using checks rather than wire transfers, cybercriminals will very casually employ the method that your business typically uses to steal your funds so as not to draw attention to themselves. They do this by compromising your “legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.”

Hacking and Spoofing
In 2013, the FBI’s report shows victims indicated the email accounts of Chief Executive Officers (CEOs) and Chief Financial Officers (CFO’s) were often spoofed or hacked.

When an email is hacked, criminals can intercept important messages and data. One example is Climategate. This occurred when email archives from the Climatic Research Unit at the University of East Anglia were copied by the thousands. The breach occurred just before the Copenhagen Summit on climate change. Skeptics used information from the stolen emails as grounds to argue that global warming was a scientific conspiracy.

Email spoofing, or impersonation, is the forgery of an email header so a message appears to have originated with someone other than the actual source. This is a common tactic used by cybercriminals in phishing campaigns and spam emails because employees with access to data and/or funds are likely to respond to emails from supervisors or clients. A bad actor may spoof the email header of a CEO and send an email to someone that often handles wire transfers within the company, demanding an immediate wire transfer to avoid an emergency situation. In addition, spoofing can also be used by bad actors to fraudulently invoice business customers for goods or services with the funds going directly to accounts they have set up in order to steal money from the pockets of your unsuspecting clients.

Attackers are becoming ever more clever in the way they deceive victims. With social engineering, cybercriminals are learning to target specific individuals in a company by impersonating them online. In the last year, nearly 40 percent of organizations have seen impersonations of “finance/accounts” personnel and 28 percent report C-suite executives as targets of impersonations. Another 25 percent of organizations reported impersonations of human resources staff. In total, 20 percent of respondents studied in the Mimecast report suffered a direct financial loss as the result of an impersonation attack.

Phishing by Numbers
Phishing is another form of email threat. Phishing occurs when someone sends an unsolicited email, text message, or telephone call that is purportedly from a legitimate company. Such phishing messages may request personal or financial information or even login credentials. An online article by TripWire reported that three-quarters of organizations experienced phishing attacks in 2017. This number held steady from the previous year.

A study by Dr. Zinaida Benenson, a professor at the University of Erlangen-Nuremberg who leads the “Human Factors in Security and Privacy” research group, demonstrated that 45 percent of people will click on a malicious link if it includes their name. In a second study where the recipient name was not used, 20 percent of people still clicked on the link. She suggested companies employ a “reporting” feature to flag suspicious emails or that utilize digital signatures to stop them before employees have a chance to get click happy.

Ransomware
Ransomware is a form of malware. It targets weaknesses by both security technology and human users. This malicious type of malware is typically delivered through vectors such as remote desktop protocols which allow computers to connect to one another across networks. Additionally, ransomware can also be sent through phishing emails that are sent to an end user resulting in the rapid encryption of sensitive data or files in a network.

Cybercriminals seize control of a business’s data in these ways and then hold it for ransom, often demanding large sums of money to restore access. Some cybercriminals even threaten to release proprietary information or data if a ransom is not paid within a given timeframe. Aside from that, the Mimecast report shows an average downtime three days after a ransomware attack which can cost your business even more money.

WannaCry, also known as WannaCrypt, was one of the major ransomware attacks in the history of IT. It affected several hundred thousand machines around the world bringing businesses from banks to law enforcement agencies as well as infrastructure companies to their knees.

Internal Threats
The Mimecast report also demonstrates that internal threats are also on the rise. Of the organizations studied, 88 percent reported internal threats caused by careless employees over the course of the last 12 months. To make matters worse, another 80 percent reported accounts had been compromised and 7- percent identified malicious insiders as a cause of internal issues during the same period.

Insiders have a distinct opportunity to wield emails. They can steal information and send it to outsiders or publish it for their own gain. This is where using the practice of least privilege can help protect your business.

Prevention is the Best Medicine
It’s been said that the best defense is strong offense. That is particularly true when it comes to cybersecurity. Just as you inoculate a child against disease with vaccinations, businesses should employ preventative measures to reduce the odds of an attacker getting in through their email.

Oddly enough, businesses have taken a more reactionary approach to cybersecurity and it’s costing them big time. Changes in data storage technology such as migrating email to platforms such as the Cloud or Microsoft Office 365 is leading businesses to oversimplify their security strategy. Business leaders believe they can save money and minimize the complexity of managing their cybersecurity by employing a defense-only model. This way of thinking falls short of providing the forethought and prevention the best security has to offer.

“Attackers are leveraging these same changes and are working in real-time to exploit gaps in your security program,” warns the Mimecast report, which predicts that 50 percent of organizations will suffer a negative business impact from an email-borne attack this year.

Education is Key
While email is unequivocally a major business tool, it can also be a major security threat. Of the organizations studied for the Mimecast report, “61 percent were hit by an attacker where malicious activity was spread from one infected user to other employees via email.” That is why cybersecurity awareness training is so imperative to a solid business security strategy, especially for business leaders.

According to Mimecast, nearly 40 percent of organizations see the CEO of their organization as a “weak link” in the cyber security chain. In fact, the study showed 31 percent of C-level employees have unintentionally sent sensitive information to the wrong person in the last year compared to 22 percent of other employees. This is due in part to corporate level employees having access to more sensitive business data than the average employee. Over the last 12 months, the report also showed 20 percent of organizations had C-level employees send proprietary data via email in response to a phishing email.

All employees should receive regular cyber security awareness training to prevent breaches before they can happen. While every employee needs regular training to keep up on the latest threats, this is especially true for C-level employees and those with access to sensitive data. You want to ensure there is security expertise at the leadership level of your business and the right training can get you there.

Cyber Resilience is Everyone’s Job
Implementing a solid cyber resilience plan is the responsibility of every employee. It doesn’t just fall to one person or department. Of businesses that have employed a cyber resilience plan, 80 percent feel prepared to fight ransomware and are confident that their sensitive data and files are properly backed up and encrypted, according to the report by Mimecast.

There are several steps to implementing a cyber resilience plan for any business based on the four dimensions of cyber resilience: Threat protection, adaptability, durability, and recoverability. Those steps include ensuring:

• The right security services are in place before an attack happens.
• A durability plan to keep email and business operations running during an attack or security breach.
• The ability to recover data and other corporate IP after a cyber incident or breach occurs.

Extra Tips
Here are a few more tips from the State of Email Security report to help close the security gaps at your business:

• Place cybersecurity into the function that manages overall risk mitigation for your business.
• Understand upper management sets the tone for company culture including security.
• Benchmark your security controls and risk management programs against similar businesses on a regular basis.
• Engage your security team on a regular basis to discuss your security program and requirements as well as the need for changes.
• Leverage internal marketing to communicate that security is everyone’s responsibility.

For more information on implementing a winning cyber resilience strategy for your small business, contact Oram now at (617) 933-5060.

Ransomware: A Guide for Protecting Todays Businesses

August 21, 2018 by securewebsite

Ransomware has become one of the top threats to businesses in today’s global and digital society. It has become such a danger in fact that a late 2017 report from Cybersecurity Ventures predicted that the global cost of cybercrime would reach $6 trillion by 2021 with ransomware playing a major role in that total. Furthermore, Cisco’s 2017 Annual Cybersecurity Report showed ransomware is increasing by 350 percent each year and a business falls victim to a ransomware attack every 40 seconds. Last year’s worldwide attack in May 2017 of the WannaCry ransomware caused complete and utter chaos around the globe and begged the question of what’s next.

So what is a business owner to do? For starters, you must know what you’re up against. Next, there are steps for preventing the threat from opening the door to your business. Here’s your guide to ransomware and how to stop it before it stops your business.

What Ransomware Is
Ransomware is a malicious malware that targets the private files of your business. While malware can cause some annoying problems or create more malicious issues such as reformatting a disk or deleting files, ransomware is different. Ransomware is a malware that infects computers and restricts access to files, stopping businesses in their tracks.

When you run into ransomware, you will know it because it will notify a system’s user that it has been attacked. The notification will come after the damage has been done and your information is already encrypted. A cybercriminal will use the ransomware to demand a ransom, typically money or cryptocurrency, in exchange for the safe return of files. If the funds are not paid, the cybercriminal responsible may delete or publish your private business files. If you do pay, you may still not get your data back anyway as the hacker responsible can simply take the money and run.

Like a virus that can attack the body, ransomware can attack an entire network. And like viruses, ransomware can morph and adapt from the way they spread to the way they encrypt data. This means a business must approach protection on a multitude of fronts and be ready to adapt to new protections as they are developed.

Means of Protection
Your IT provider should offer you protection through at least six areas. By securing a variety of entryways and providing layers of protection, your business will be safer from all threats including ransomware. At Oram, we take a six-step approach to protecting our clients against ransomware and other cyber threats.

Patching
The most basic layer of security is to monitor and patch all computers and applications on an ongoing basis. We address all known operating system security vulnerabilities with the latest patches. This measure is the first step in protecting your operating system particularly when a flaw has been uncovered. Your company’s outside business IT partner or in-house professionals should be providing the latest patches to ensure your operating systems are running at peak performance while ensuring any system vulnerabilities are addressed.

Anti-Virus and Network Monitoring
Businesses are being targeted every day through a plethora of avenues: email, ad networks, mobile applications, etc. This is why the second part of a best-in-class security network employs both anti-virus and network monitoring. These two pieces of the security puzzle examine all traffic on your business network and all files. The anti-virus employs a filter to protect them from all known threats. Your anti-virus should be updated regularly in order to identify the latest viral threats.

Backup and Disaster Recovery
One of the things cybercriminals bank on is that your business didn’t think ahead in terms of implementing backup and disaster recovery. That’s why this step is a must, especially where ransomware is concerned. There can sometimes be gaps between when a threat is introduced to your network and remediation of the full system.

To ensure that your data is safe, it’s best to have a full system backup in place to protect your back-office systems. This will enable your business to stay on top of things if and when an attack occurs and it provides a recovery option for unknown threats. In the event of a catastrophic failure or a ransomware attack, a good backup can get your business back online fast.

Endpoint Backup
Though backup and disaster recovery provides a layer of protection for your back-office systems, businesses should also have backup and recovery of data for all devices. Devices such as laptops and tablets create, share, and store business data. Should a device become lost or a cybercriminal capture your proprietary data and sensitive information from these devices, your business will still be covered. This can have a significant impact on your business productivity and profitability. Your endpoint program should offer real-time data backup on such endpoint devices to prevent the compromise of business-critical information and keep your organization moving full-steam ahead.

Secure File Sync and Share
In today’s global society, being able to work remotely, collaboratively, and securely from any device anywhere is a modern business necessity. With the proper software in place, your employees can securely collaborate from any location on any device including their smartphones and tablets. Such a system can allow you to grant access and editing controls for specific documents including those in Word, Excel, and PowerPoint. Such software also allows you to recover documents employees may have accidentally deleted or that have been lost due to malicious activity.

Education and Awareness
One of the best steps you can take in protecting your business against ransomware or other digital threats is to educate and train your employees. With proper cybersecurity awareness training, you can turn your employees into your most important layer of defense. They should be trained and provided with educational materials about cybersecurity risks, new ransomware strains, and the best practices for spotting phishing attempts, suspicious emails, and other security risks. Additionally, they should be provided a simple and quick way to report any suspicious activity. By empowering your employees with such training, they can become proactive in the fight against cyber threats to your business.

Small ransoms are just the beginning of the ransomware threat and it is only expected to get increasingly worse. This is why it is so imperative for businesses to stay ahead of cybercriminals when it comes to security. While such protection may seem overwhelming, it’s nothing when compared with the downtime, stress, and financial cost of dealing with a ransomware attack. If you need assistance in protecting your business against ransomware, contact Oram Corporate Advisors today for a free consultation at (617) 933-5060.

« Previous Page