Facebook-f Twitter Linkedin-in

data

Ransomware: A Guide for Protecting Todays Businesses

by

Ransomware has become one of the top threats to businesses in today’s global and digital society. It has become such a danger in fact that a late 2017 report from Cybersecurity Ventures predicted that the global cost of cybercrime would reach $6 trillion by 2021 with ransomware playing a major role in that total. Furthermore, Cisco’s 2017 Annual Cybersecurity Report showed ransomware is increasing by 350 percent each year and a business falls victim to a ransomware attack every 40 seconds. Last year’s worldwide attack in May 2017 of the WannaCry ransomware caused complete and utter chaos around the globe and begged the question of what’s next.

So what is a business owner to do? For starters, you must know what you’re up against. Next, there are steps for preventing the threat from opening the door to your business. Here’s your guide to ransomware and how to stop it before it stops your business.

What Ransomware Is
Ransomware is a malicious malware that targets the private files of your business. While malware can cause some annoying problems or create more malicious issues such as reformatting a disk or deleting files, ransomware is different. Ransomware is a malware that infects computers and restricts access to files, stopping businesses in their tracks.

When you run into ransomware, you will know it because it will notify a system’s user that it has been attacked. The notification will come after the damage has been done and your information is already encrypted. A cybercriminal will use the ransomware to demand a ransom, typically money or cryptocurrency, in exchange for the safe return of files. If the funds are not paid, the cybercriminal responsible may delete or publish your private business files. If you do pay, you may still not get your data back anyway as the hacker responsible can simply take the money and run.

Like a virus that can attack the body, ransomware can attack an entire network. And like viruses, ransomware can morph and adapt from the way they spread to the way they encrypt data. This means a business must approach protection on a multitude of fronts and be ready to adapt to new protections as they are developed.

Means of Protection
Your IT provider should offer you protection through at least six areas. By securing a variety of entryways and providing layers of protection, your business will be safer from all threats including ransomware. At Oram, we take a six-step approach to protecting our clients against ransomware and other cyber threats.

Patching
The most basic layer of security is to monitor and patch all computers and applications on an ongoing basis. We address all known operating system security vulnerabilities with the latest patches. This measure is the first step in protecting your operating system particularly when a flaw has been uncovered. Your company’s outside business IT partner or in-house professionals should be providing the latest patches to ensure your operating systems are running at peak performance while ensuring any system vulnerabilities are addressed.

Anti-Virus and Network Monitoring
Businesses are being targeted every day through a plethora of avenues: email, ad networks, mobile applications, etc. This is why the second part of a best-in-class security network employs both anti-virus and network monitoring. These two pieces of the security puzzle examine all traffic on your business network and all files. The anti-virus employs a filter to protect them from all known threats. Your anti-virus should be updated regularly in order to identify the latest viral threats.

Backup and Disaster Recovery
One of the things cybercriminals bank on is that your business didn’t think ahead in terms of implementing backup and disaster recovery. That’s why this step is a must, especially where ransomware is concerned. There can sometimes be gaps between when a threat is introduced to your network and remediation of the full system.

To ensure that your data is safe, it’s best to have a full system backup in place to protect your back-office systems. This will enable your business to stay on top of things if and when an attack occurs and it provides a recovery option for unknown threats. In the event of a catastrophic failure or a ransomware attack, a good backup can get your business back online fast.

Endpoint Backup
Though backup and disaster recovery provides a layer of protection for your back-office systems, businesses should also have backup and recovery of data for all devices. Devices such as laptops and tablets create, share, and store business data. Should a device become lost or a cybercriminal capture your proprietary data and sensitive information from these devices, your business will still be covered. This can have a significant impact on your business productivity and profitability. Your endpoint program should offer real-time data backup on such endpoint devices to prevent the compromise of business-critical information and keep your organization moving full-steam ahead.

Secure File Sync and Share
In today’s global society, being able to work remotely, collaboratively, and securely from any device anywhere is a modern business necessity. With the proper software in place, your employees can securely collaborate from any location on any device including their smartphones and tablets. Such a system can allow you to grant access and editing controls for specific documents including those in Word, Excel, and PowerPoint. Such software also allows you to recover documents employees may have accidentally deleted or that have been lost due to malicious activity.

Education and Awareness
One of the best steps you can take in protecting your business against ransomware or other digital threats is to educate and train your employees. With proper cybersecurity awareness training, you can turn your employees into your most important layer of defense. They should be trained and provided with educational materials about cybersecurity risks, new ransomware strains, and the best practices for spotting phishing attempts, suspicious emails, and other security risks. Additionally, they should be provided a simple and quick way to report any suspicious activity. By empowering your employees with such training, they can become proactive in the fight against cyber threats to your business.

Small ransoms are just the beginning of the ransomware threat and it is only expected to get increasingly worse. This is why it is so imperative for businesses to stay ahead of cybercriminals when it comes to security. While such protection may seem overwhelming, it’s nothing when compared with the downtime, stress, and financial cost of dealing with a ransomware attack. If you need assistance in protecting your business against ransomware, contact Oram Corporate Advisors today for a free consultation at (617) 933-5060.

Multi-factor authentication: A necessity for today’s businesses

by

Just recently I had a client contact me here at Oram about a serious security issue. Another business they work with was hacked and it nearly ended up costing my client big money. The worst part about the whole situation is that with the right technology in place, it could have been easily prevented.

The Problem Hack

The client called in to say he had wired his travel agent about €1.4 million (or roughly $1.63 million U.S.) for an extended European family vacation. Well, lo and behold, the travel agency’s email was hacked. Turns out a hacker, not the travel agent, had been communicating with my client for the entire month. My client thought he was planning this event with the travel agent when, in fact, he was communicating with a cybercriminal. Everything culminated when the hacker, posing as the agent, sent my client the wiring instructions for the funds.

The way that this hack presented itself was that a person in Germany deployed a phishing scheme to compromise the travel agent’s email. The hacker had been monitoring the agent’s email for a number of weeks and was just waiting for some event like my client’s to occur so they could then interrupt the communications.

The reason the travel agent was none the wiser is that the hacker also set up rules in the mailbox so that any time a communication came in from my client, it would go straight into the deleted items. This made it so the travel agent had no idea that someone else was communicating by email with my client.

Luckily, this scenario ended on a positive note. My client was able to get all of his money back. The FBI is now involved with the situation to try and catch this criminal. Without Oram, the travel agency would never have been alerted to the hack and may have seen more of its customers defrauded of their funds.

Passwords Aren’t Enough

The reality is that the majority of data breaches occurring today are the result of compromised authentication. Though having a strong password is a great start for implementing security, just having this one step in place can leave your network incredibly vulnerable. That’s why multi-factor authentication (MFA) is so important, particularly for securing your business’s most valuable data.

According to the 2017 Cost of Data Breach Study by the Ponemon Institute, data breaches cost businesses millions of dollars each year in the U.S. alone. The study also shows the likelihood of a business experiencing a recurring material data breach within the next two years after an initial hack is nearly 28 percent. Data breaches are the most expensive to deal with in the United States and Canada, costing $225 million and $190 million respectively. The average total organizational cost of breaches in the United States found in the 2017 study was a whopping $7.35 million.

Why Your Email Is Key

The reason hackers want into your email is that it can lead to a huge payday. With access to your email, a cybercriminal can log into any account you have by simply clicking on “forgot my password.” This allows them to create a new password using your email.

Access to your email allows criminals to create new, fraudulent accounts in your name. They can use your identity and email address to open new accounts and create their own passwords. From there, the possibilities are limitless from ordering goods online to withdrawing your entire life savings.

In addition to your business being negatively impacted, the friends and connections in your email network can also be put at risk for infection. Or, in the case of my client, hackers can steal access to your clients and could possibly ruin solid business relationships. Many criminals even sell access to hacked email accounts on the black market. The amount of damage that can be done in less than an hour is astounding.

How It Works

Multi-factor authentication is a security system that requires more than one method of authentication to verify a user’s identity. This can range from requiring passwords that must periodically be changed by legitimate users to requiring a one-time PIN provided via smartphone for access.

Without having all of the required pieces of information, a user would not be able to log in successfully. This means better protection for you and your business. Multi-factor authentication can help secure everything on your business network from logging into your server to shared resources and employees who bring their own devices to work. Some larger organizations that use MFA that you are probably familiar with include Google and PayPal. Most financial and medical institutions also employ MFA as well.

Our Recommendation

The moral of the story is that whether you are using personal email or corporate email, you need MFA. Had my client’s travel agent employed MFA, this hack would likely have never occurred. The would-be criminal would have likely hit a brick wall of security and moved on to a less secure target.

While Oram already recommends multifactor authentication, going forward, we are requiring our clients to utilize MFA for everything possible from email and icloud accounts to banking and financial sites. The reasoning behind this is that MFA significantly reduces the risk that a cybercriminal could access your most important systems. Additionally, it adds extra layers of security that will make your network and other proprietary systems that much more difficult to breach.

If you would like to learn more about multi-factor authentication or other ways to better secure your business, we are happy to assist you. Call Oram today at (617) 933-5060 or visit us online.