Tag: securitybytes

 

Learn from Marriott’s Example: Notification Responsibilities After a Data Breach

 

Most states, the District of Columbia, the Virgin Islands and Puerto Rico have passed legislation regarding notification of security breaches. Know the laws in your state.  

 

 

To answer this question, let’s start with the example experienced by Marriot International recently when a breach exposed the social security numbers of the hotel chain’s associates. Then, we’ll look at the federal and state requirements for notifying those impacted by a breach that involved their data.

 

How Did Marriott International Employees Fall Victim to a Data Breach?

 

Marriott International told some of its employees that their social security numbers (SSNs) had been exposed to an unknown person. The risk came from a vendor that handled documents for the hotel chain.

 

On September 4, 2019, Marriott found out that someone access information recorded on those documents, which included subpoenas and court documents. The notification, which came two months after the incident, merely stated that someone may have accessed the records, which is all hotel representatives claim to know. The potential breach impacts over 1,500 Marriott employees. On October 30, the hotel started sending notifications via regular mail for anyone it hadn’t been able to find.

 

Those impacted will receive free credit monitoring as well as identity theft protection for one year at the company’s expense. Notification and credit monitoring services are part of recent data breach laws, but one must wonder what took Marriot so long to notify the victims.

 

Why Did Marriott Have a Difficult Time Finding Victims?

 

Marriott received a list of those impacted, but most had no address. This may be the most significant factor in the delay. And, it’s not an unusual one. Company records breached by hackers may be incomplete in the best of circumstances, and this information was sitting in several external systems.

 

The unnamed firm said all Marriott employee data was deleted from its system. One of the problems in cases like this is storing data in multiple systems, which increases the risk of theft and data breaches. Marriott no longer partners with the vendor.

 

What Are Your Company’s Responsibilities in Case of a Data Breach?

 

The FTC recommends following these steps, some of which are legally required.

 

Secure your Operations

 

Move quickly to take whatever steps are needed to secure your systems. Otherwise, your data breach can result in a series of breaches. Mobilize or form a breach response team to shore up your network against further loss.

 

Fix Vulnerabilities

 

As part of the fix, you need to anticipate questions that clients, associates and the authorities may have. Put together clear questions and answers to post on your website. Direct communication may ease frustration and concerns, especially if it takes some time to identify those impacted, as in the Marriott cases.

 

Work with forensic experts to track to determine what records were at risk.

 

Notification

 

Most states, the District of Columbia, the Virgin Islands and Puerto Rico have passed legislation regarding notification of security breaches. You must notify the affected parties when personal information is involved. Check the laws in your state as well as the federal laws and consult with your legal team regarding your responsibilities.

 

Weak Points in Cybersecurity Hackers Love

 

Do you know where hackers are most likely to gain access to your private data? Discover the favorite entry points and how you can stop them.  

 

 

It seems like every week that there are reports of another massive data breach hitting the news. The number of users affected is almost unimaginable. Cybercriminals accessed 983 million records at Verifications.Io and 885 million records at First American Financial Corp., alone. Its scary stuff, but what’s even more terrifying is the majority of compromised companies never show up in the papers.

 

During the first half of 2019, there an average of 30 data breaches per day. So, how are hackers stealing so many records so quickly? They have their ways.

Four Places Cybercriminals Love to Steal Your Data From

 

1. Old Websites. The internet is a graveyard of abandoned and unprotected half-built sites which are the favorite hunting grounds for hackers who are on the lookout for easy and virtually risk-free hacking opportunities. Although it is true that most of these sites contain nothing more than a few email addresses and dummy accounts, every so often, a cybercriminal can strike goldmine. On occasion, legacy and demo sites for large businesses are still connected to the company’s servers and provide a nice backdoor to confidential data.

 

You can protect your business by completely removing old sites from online and limiting which sites have access to your servers.

 

2. Free Code. Many sites offer free code snippets that you can use for free on your website. All you have to do is download it and you can save hours of time and thousands of dollars. Good deal, right? Well, have you ever heard the Japanese saying, “There is nothing more expensive than something free?” When it comes to the code for your website, it is a motto you should take to heart. Using someone else’s free code for your company’s website could be the most expensive mistake you ever made. While clean, secure codes for free does exist online, the majority of what you will find is usually poorly written, and as solid as a sieve.

 

Stop hackers from using embedded backdoors in public code by not using it for mission-critical websites.

 

3. Unsecured Cloud Storage. Everyone is talking about the benefits of cloud computing and cloud storage, and it seems like businesses can’t wait to make the jump to working on the cloud. But before trusting your company’s confidential data to any third-party cloud storage solution, you better make sure the vendor has tight security. Many big-name companies like Facebook and Microsoft forgot to ensure their third-party vendors had the proper security, and the results were embarrassing and costly data breaches.

 

Carefully choose who you use for outsourcing and take an active role in protecting your data, even if it is hosted on a third-party’s server.

 

4. Unprotected APIs. Does your business use custom apps that utilize APIs? If the answer is yes, you may be exposing your confidential data to hackers without knowing it. While in-house app developers spend a great amount of time safeguarding your app itself, from exploits, the APIs you are using from an outside developer to power your app may be a gaping hole in your defense.

 

Review the end-user agreements for the APIs you use and conduct penetration tests to check for vulnerabilities.

 

In the end, protecting your data and the confidential information of your customers falls on your shoulders. No one can be perfect when it comes to online security, but every single business can do better.

 

No matter how secure you may be right now, you could always be doing more. Have you double-checked your cybersecurity lately? Review the best practices below to strengthen your small business cybersecurity.

 

When everything is going well, the last thing you want to do is think about what will happen when something goes wrong. It’s not necessary to dwell on the potential for a security disaster though – you know that it’s a possibility, so let’s just leave it at that. What’s important about this is that you know to cover your bases.

 

 

No need to assume the worst – just plan for it, so you know you’re protected. As that old saying goes, “An ounce of prevention is worth a pound of cure”.

 

Do what you need to do to “prevent” now, so you don’t have to pay for the “cure” later.

 

Use A Firewall

 

Your firewall is your first line of defense for keeping your information safe.

 

A firewall is a particular type of solution that maintains the security of your network. It blocks unauthorized users from gaining access to your data. Firewalls are deployed via hardware, software, or a combination of the two.

 

A firewall inspects and filters incoming and outgoing data in the following ways:

• With Packet Filtering that filters incoming and outgoing data and accepts or rejects it depending on your predefined rules.
• Via an Application Gateway that applies security to applications like Telnet (a software program that can access remote computers and terminals over the Internet, or a TCP/IP computer network) and File Transfer Protocol Servers.
• By using a Circuit-Level Gateway when a connection such as a Transmission Control Protocol is made, and small pieces called packets are transported.
• With Proxy Servers: Proxy servers mask your true network address and capture every message that enters or leaves your network.
• Using Stateful Inspection or Dynamic Packet Filtering to compare a packet’s critical data parts. These are compared to a trusted information database to decide if the information is authorized.

 

Train Your Staff

 

Your staff can have a significant effect on your cybersecurity – either they know enough to keep your assets secure, or they don’t, and therefore present a serious threat to your security.

 

So, which is it? Do your employees and volunteers have the knowledge they need to spot cybercrime scams, avoid common pitfalls and keep your data secure?

 

If you’re not sure, then they may need training. Security awareness training helps your employees and volunteers know how to recognize and avoid being victimized by phishing emails and scam websites.

 

They learn how to handle security incidents when they occur. If your employees and volunteers are informed about what to watch for, how to block attempts and where they can turn for help, this alone is worth the investment.

 

How Do I Train My Employees For Cyber Security?

 

A comprehensive cybersecurity training program will teach your staff how to handle a range of potential situations:

 

• How to identify and address suspicious emails, phishing attempts, social engineering tactics, and more.
• How to use business technology without exposing data and other assets to external threats by accident.
• How to respond when you suspect that an attack is occurring or has occurred.

 

Strengthen Your Passwords

 

Passwords remain a go-to tool for protecting your data, applications, and workstations.

 

They also remain a common cybersecurity weakness because of the careless way employees go about trying to remember their login information. Weak passwords are easy to compromise, and if that’s all that stands between your data in the cloud and in applications, you could be at serious risk for a catastrophic breach.

 

That’s why protecting your login processes with an additional layer of security – multi-factor authentication – is recommended. Multi-factor authentication requires the user to utilize two methods to confirm that they are the rightful account owner. It is an available security feature in many popular applications and software suites.

 

There are three categories of information that can be used in this process:

 

• Something you have: Includes a mobile phone, app, or generated code
• Something you know: A family member’s name, city of birth, pin, or phrase
• Something you are: Includes fingerprints and facial recognition

 

Protect Mobile Devices

 

Implement Mobile Device Management and Bring Your Own Device policies that allow employees to use their own devices in combination with the business’ without compromising your security:

 

• Require password protection and multi-factor authentication for mobile devices.
• Deploy remote access software that allows you to locate lost/stolen devices, and remotely wipe their data if need be.
• Develop a whitelist of apps that are approved for business data access.

 

And don’t limit yourself to desktops, laptops, and phones – there’s more out there for you to take advantage of. Have you considered what the Internet of Things and wearable devices can do for workplace efficiency? Now’s the time to get on board – up to 20.4 billion IoT devices will be online by 2020.

 

Manage Account Lifecycles And Access

 

This is one of the more basic steps on the list, but no less important. It can’t really be automated or outsourced to any technological aids; it’s just about doing the work. You need to have a carefully implemented process to track the lifecycle of accounts on your network.

 

• Follow a careful system for how accounts are created for new members, how their security is maintained and verified through their life, and how they are removed when no longer needed.
• Implement secure configuration settings (complex passwords, multi-factor authentication, etc.) for all accounts.
• Implement controls for login and use, such as lockouts for too many unsuccessful logins, unsuccessful login alerts, and automatic log-off after a period of inactivity

 

Protect Your Wireless Networks

 

Wi-Fi is a necessary part of doing business. Your staff cannot go without it, so it becomes your responsibility to make sure it’s secured, simple as that.

 

• Turn off broadcast so that your SSID is not available for others to see.
• Use WPA2-Enterprise security, which forces per-user authentication via RADIUS for access.
• Double-check your radio broadcast levels at default to make sure they don’t extend outside your building.
• Create a Guest Network that’s segmented and has a limited bandwidth so that those visiting your building don’t have any chance of access to your data.
• Monitor your network, and log events to track any activity by your employees and other contacts with network access.

 

Limit Unnecessary Physical Access

 

Your cybersecurity measures won’t amount to much if your laptops, tablets, smartphones and other devices are left out in the open for anyone to take.

 

It’s one thing for a cybercriminal to hack into your system remotely. It can be significantly easier if they’re doing so directly on a business device.

 

• Keep business devices under lock and key when not in use.
• Maintain a detailed inventory of who has authorized use for specific business devices.
• Don’t leave the login information on a sticky note on the keyboard of the device.

Follow Payment Card Best Practices

 

If you accept payment through credit and debit cards, make sure to follow established security policies and practices to mitigate any potential risks.

 

• Work with banks and other financial industry contacts to make sure you’ve implemented the right cybersecurity tools and anti-fraud services.
• Double-check your compliance requirements for FINRA, GLBA, and SOX.
• Segment networks involving a point of sales and payment systems from any unnecessary aspects of your IT infrastructure. No unnecessary software or web access should overlap with these systems.

 

Tips for Avoiding and Reporting Facebook Identity Theft

 

Financial fraud and access to confidential business data rank among scammers’ reasons for setting up fake profiles in Facebook identity theft schemes.  

 

 

Right now, hundreds of people could be viewing your photos on Facebook — on an account that doesn’t belong to you. In recent years, Facebook identity theft has become a significant problem, leaving victims struggling to reclaim their rightful identities on the social media platform. What do you need to know, and how can you protect yourself?

 

Reasons Behind Facebook Identity Theft

 

Imagine receiving a sudden flurry of messages from friends and family members alerting you that someone is posing as you. After the initial shock, you might wonder why an individual would go to the trouble of setting up a fake profile that uses your name and other identifying details.

 

As banks and other financial institutions have become better at spotting fake identities, scammers have turned to using the identities of real people for a variety of purposes, including opening lines of credit and draining bank accounts. Setting up a Facebook profile can be one step in establishing ownership of an identity — especially if the scammer can manage to get the real identity owner locked out of their account in the process.

 

How Can Your Job Make You a Target?

 

In addition to financial fraud, prospective scammers often have another goal in mind when they target specific individuals: access. Facebook identity thieves may target people in certain jobs — including CEOs, IT directors and human resources managers — because of their valuable access to data, people and financial resources.

 

By posing as a key executive in an organization, an identity thief may hit the jackpot by gaining access to computer systems that hold confidential customer data, employee Social Security and bank account numbers, or proprietary information. Scammers may set up a fake profile in your name as part of a social-engineering scheme designed to persuade your Facebook contacts to turn over information or access.

 

Steps for Preventing Facebook Fraud

 

To help lock down your Facebook account and prevent identity theft, consider adjusting your privacy settings to control who can view your photos and posts. Allowing everyone — or even friends of your friends — to see your information can make you vulnerable to identity theft.

 

Avoid accepting friend requests from unfamiliar people, and use caution when posting photos; think twice before posting images that include your driver’s license or other documents with identifying information. In addition, consider setting your profile to unsearchable.

 

What if someone has stolen your identity on Facebook? If you receive a friend request from someone who already is on your friends list, you may be the victim of identity theft. You should take immediate action by reporting the suspect profile if you discover that someone is using your name, photo or other identifying details. In the event that an impostor reports your account as fraudulent and has you blocked, you may need to ask a friend to report the incident for you.

Cybercrime is on the rise, and every business must have cybersecurity protocols in place. Read on to learn what steps you need to take to keep hackers at bay.  

 

 

Cybersecurity is a vital pillar of modern business. Hackers are shifting their attention to smaller enterprises, and data breaches can cost you time, money, and the trust of your customers. Below is a checklist of cybersecurity practices you should employ to minimize your risk of being hacked.

 

Use a branded email account

 

A branded email account exudes professionalism and gives you more control and security options than a free email service. Invest in an email provider that has the features you need, and make sure that your employees use only their business email to communicate with team members, customers, and business partners.

 

Keep software up to date

 

From operating systems to individual apps, it’s vital to install software updates in a timely manner. Outdated software may contain vulnerabilities that hackers can exploit. Rarely, an OS update may cause issues with certain programs, which brings us to our next tip.

 

Back up your data

 

Even the most comprehensive cybersecurity plan has its faults, and you’ll want a way to recover your data if the worst happens. Back up your data on a regular basis to an onsite and/or remote server. Consider investing in cloud storage or automated data backup solutions.

 

Educate and train employees

 

To maximize your company’s cybersecurity, you’ll need everyone to be on board and well-versed. Work with your IT team to design a versatile training program that caters to multiple learning styles. For example, you may have a bulleted presentation with concrete examples and a hands-on practice session. The program should teach employees daily security habits, signs of phishing, and what to do if they suspect a data breach.

 

Monitor all activity on your network

 

Data breaches can occur externally or internally, 24/7. A managed services provider (MSP) can monitor when devices connect to your network and what files are being accessed. Large data transfers or odd access times may point to a security risk.

 

Implement layered email security

 

Phishing is one of the most prolific tactics hackers use to steal data. By pretending to be a co-worker, supplier, or another person of trust, a hacker may send a malicious attachment or link to an infected website. When the victim opens the file or link, the system becomes infected with malware that may log keystrokes or encrypt files with passwords known only by the hacker. Using tools such as DKIM (DomainKeys Identified Mail), DMARC (Domain-Based Message Authentication, Reporting, and Conformance), and SPF (Sender Policy Framework), you can greatly minimize email vulnerabilities.

 

Manage accessibility and user permissions

 

It’s important to manage who can access certain files. By setting user permissions, you can grant or deny user access to certain documents. This helps prevent employees from sharing sensitive files with people outside the company or accidentally modifying a report. You’ll want to update these permissions when employees leave the company to prevent remote access.

 

Set password requirements

 

Weak passwords are a major vulnerability, especially if a hacker has done research on the account owner. Passwords should be at least eight characters in length and contain a combination of upper and lower case letters, numbers, and symbols. You should also mandate that all employees change their passwords at least

 

Use multi-factor authentication

 

Multi-factor authentication (MFA) uses multiple layers of identity verification in conjunction with the traditional username and password requirement. These might include security questions, a retinal or fingerprint scan, randomly generated PIN sent to the user’s mobile device, or a physical token that only the rightful owner of the account would have. The more layers present, the lesser the risk of a hacker getting through.

 

Just like the technology behind it, cybersecurity is constantly evolving. Whether you have an in-house IT team or an MSP you can trust, it takes teamwork and vigilance to keep your data safe and your customers confident in your business.

Cyber Security Statistics You Must Know to Keep Your Company Safe

Cyber threats are constantly evolving. Here are 5 critical cybersecurity threats that you need to know to develop a strong strategy to keep your company safe.  

Cybersecurity is more of a struggle for businesses every single year. With the number of data, users, and systems constantly growing, there are more points of attack and a greater prize for nefarious users. This is why new threats emerge on a practically daily basis.

In order to keep yourself and your company protected from these evolving threats, you must stay updated on the latest threats and trends. To help you get a better idea of the current state of cybersecurity and why it’s important to stay constantly vigilant, here are five of the most important current cybersecurity statistics:

1. New Ransomware Attacks Occur Every 14 Seconds

Ransomware attacks can be costly and put your valuable data and systems at risk. Unfortunately, experts estimate that a new ransomware attack happens every 14 seconds. That’s an average of over 25 attacks per hour and 100 per day! If you aren’t actively working to deter ransomware attacks, you’re bound to be a target sooner rather than later.

2. Almost Half of All Cyber Attacks Target Small Businesses

Many people think of cyber attacks as something that only major corporations need to worry about. After all, they’re the ones with the most valuable data. However, these businesses typically take a lot more effort to infiltrate. As a result, 43% of all cyberattacks target small businesses. These businesses are across all industries and sizes, proving that nobody is entirely safe when it comes to cyber threats.

3. Cyber Security Spending is Growing Massively

By the end of 2021, it’s expected that over $1 trillion will be spent on cybersecurity globally. Unfortunately, not all of those dollars are being spent very efficiently. In order to truly combat cyber threats, you must develop an all-encompassing cybersecurity strategy. That means spending on the right technology, but also training your employees on how to identify and protect themselves from cyber threats, and how to react in the case of an emergency.

4. Data Breaches Can Take Over Six Months to Detect

On average, some companies don’t even know that there has been a data breach for six months. By then, the damage has been done over and over again. This doesn’t take into account the amount of time required to actually identify the root cause and resolve it.

5. Average Cost of a Cyber Attack is Massive

As attacks become more sophisticated and user data continues to grow in value, the actual cost of a cyber attack is rising rapidly. In 2019, it’s now estimated to be over $1.6 million! If your business is smaller or just getting started, a single successful attack could put you out of business. There’s no bigger threat facing your company today.

Clearly, developing a strategy for comprehensive cybersecurity is a task that all businesses must take special care with, no matter how big or small they are. As the digital world continues to grow in scope, the threats will continue to grow as well. Keep the cybersecurity statistics above in mind as you develop your own strategy and work to stay a step ahead of the threats and hackers.

 

Don’t let your small or medium business fall victim to ransomware. Make sure your data, network, equipment, and employees are safe from ransomware attacks.  

 

Watch our video below to learn all about ransomware and please feel free to share with your staff and social media networks.

 

October is Cyber Security Awareness Month. You may have heard about ransomware attacks on school districts, hospitals, and government organizations. Over 20 U.S. cities were targeted by ransomware attacks between January and July 2019. The cost to the city of Baltimore alone was more than $18 million between lost city revenue and repairs to the city’s computer network. Ransomware attacks on cities, schools, and hospitals are serious, but 71 percent of ransomware attacks target small and medium businesses.

 

According to Beazley Breach Response Services, in 2018, ransomware crooks demanded an average of more than $116,000 from over 3,300 business computer security breaches they directly tracked. Cybersecurity firm Coveware reported that the average ransomware demand to individuals and small businesses grew from $6,733 at the end of 2018 to over $12,760 in the first quarter of 2019.

 

How does ransomware work?

 

In the past, ransomware usually came in the form of unsophisticated “spam” emails that most people could recognize as hacking attacks. Hackers sent out hundreds of thousands of emails hoping to trick a few unsuspecting people into revealing their passwords and other secure information. Once installed on a business or individual computer, ransomware encrypts data and stops access to programs. The program then demands a “ransom” in the form of cryptocurrency, usually bitcoin, to restore the data and access.

 

Ransomware attacks are getting more sophisticated. A 2018 ransomware program, Ryuk, was developed by a North Korean group of hackers. Ryuk has been aimed at large businesses that can’t afford any downtime. The program individually maps the networks of target businesses and steals credentials in order to install the program and encryption. One business targeted by Ryuk paid over $360,000 in bitcoin to retrieve its data.

 

Ransomware is getting better at getting around anti-virus programs and computer firewalls. Hackers are using known applications and programs that users think are safe to get around security precautions. Expert estimates report that ransomware could cost small and medium businesses as much as $11 billion in 2020.

 

What can we do to combat ransomware?

 

• First, make sure the operating systems for your network and connected devices are up to date. The 2017 WannaCry ransomware attack targeted computers running Windows 7. WannaCry was developed from U.S. National Security Agency tools that were leaked online. According to TechCrunch, up to a million computers are still vulnerable to WannaCry because they are running Windows 7 or earlier Windows versions. Microsoft also ends its support for Windows 7 in January 2020. Ransomware and other types of hacking attacks often target older operating systems that are no longer receiving regular security updates and patches.
• Second, make sure your security software is also up to date. Check it at least once a month. A managed services provider (MSP) can help in this process.
• Third, make sure you and your employees know how to recognize potential security threats. Practice good computer habits that prevent intrusions. For example, do not click on any links or images that come from an unknown source no matter how funny or appropriate the title of an email may look at first glance. Managed services providers can help to train you and your staff on good cybersecurity habits that can prevent ransomware and other attacks.
• And finally, make sure you have a good offsite backup. Businesses that have successfully overcome ransomware attacks have strong and redundant backups for their data and programs. You may lose time, but you won’t lose all of your business data. If you’re in a field that keeps confidential client or customer information, it’s essential for your business to have secure, safe backups of data in the cloud and/or separate physical data storage.

 

Managed services providers (MSPs) are responsible for keeping track of ransomware threats and understanding the tricks hackers can use to take control of your computers and demand a ransom. They can help your business to prevent a ransomware attack and protect your business data and programs in the event an attack occurs. Malicious hackers have been causing damage to computers for years, but ransomware is the first major way they’ve discovered to earn a lot of money from their criminal activities. Don’t let ransomware interfere with your business operations, profits, and growth. Take our recommended steps to fight back and win against ransomware criminals.

 

Cybercriminals no longer act alone. Find out the strategies and means cybercriminal networks are using to launch dangerous attacks against your organization. 

 

According to technology industry blogs, cybercrime incidents are growing by 15 percent each year and cybercrime has become the most profitable type of criminal activity around the globe. Cybercriminals are no longer acting alone and carrying out destructive activities that are relatively simplistic. Instead, cybercriminals have become more sophisticated in their approach. Activities are more damaging and organized. IBM’s CEO and president has stated that the new cybercriminal dangers are “the greatest threat to every profession, every industry, every company in the world.” Being aware of the fact that cybercriminal activity is now executed using the same types of structures and approaches seen in businesses can help IT leaders guard against the dangers cybercrime presents.

 

Common Types of Cybercriminal Activities

 

The scale and scope of cybercriminal activities have evolved swiftly since the 1990s. Back then, cybersecurity-related attacks entailed destroying websites and executing simplistic codes that reflected a strong dislike of the corporate culture. Now, modern cybersecurity-related attacks have not only embraced the notion of the corporate model, but have exploited the corporate world’s reliance on digital connectivity. Common cybercriminal activity now involves extortion, the theft of data and information, and sabotage. The design and spread of ransomware through electronic means reaps over $11 billion annually.

 

Hierarchical Structures

 

Besides using more sophisticated and profitable methods of wreaking havoc, cybercriminals have formed networks that resemble hierarchical structures within traditional organizations. Many groups of cybercriminals are led by someone who operates as a pseudo executive of a firm who designs an overarching strategy and tasks that are delegated to other leaders who resemble middle managers. In turn, those who work on developing malware and ransomware code are concentrated in a single “department,” while another group is focused on developing and executing distribution methods. Each group represents and operates like a functional department within an organization. Training and recruitment programs are also developed and executed for hackers that wish to join these extensive cybercriminal networks. Knowing that these networks are employing the same strategies and tactics as an experienced corporate marketing department means that any cybersecurity defense plan has to respond in an identical fashion.

 

The corporate structure and mentality have resulted in the equivalent of million-dollar salaries for some. Cybercriminals are also starting to incorporate other types of illegal activities into their “business models.” Some of those activities include illegal drug production and distribution, human trafficking, and counterfeit goods. Stopping and removing the threats that cybercriminals pose mean considering the possibility that these cybersecurity threats are occurring in conjunction with seemingly unrelated activities. Any defense plan must consider all possibilities and guard all potential and vulnerable points of access.

 

Depending on the scope of the attack, the cost of getting hacked can be in the hundreds of thousands or more. Here’s what you need to know. 

 

 

When it comes to cyberattacks, all too often the bad guys win. Hackers have targeted local governments, airports, banks, and businesses, stealing usernames, passwords, and sensitive private data. While they may sell this information on the black market, they often hold it for ransom. With no other way to retrieve the stolen data, victims are forced to buy back their belongings while the thief vanishes into anonymity. Here is a look into the true price of getting hacked and what you can do to protect yourself.

 

Lake City, Florida mayor Stephen Witt announced that the city would pay hackers $460,000 to recover stolen data. The thieves seized control of major email servers, bringing the city’s operations to a grinding halt. Witt claimed that cyber insurance would cover all but $10,000 of the ransom, though it’s uncertain whether the city met the policy’s criteria for protection.

 

Ransomware: An Alarming Trend

 

Ransomware attacks are on the rise, and victims are paying exorbitant sums to regain their data. Three attacks occurred in April 2019 alone, hitting Tallahassee, Augusta, and the Cleveland Hopkins International Airport. The ransomware forced operations to close, with the Tallahassee attack costing the city nearly a half-million. Hackers frequently target municipalities and government organizations knowing the high value of the stolen data and its importance in operations. In many cases, the data isn’t exactly stolen, but encrypted to prevent access. After the ransom is paid, the hackers unlock the data, or so they promise.

 

Research conducted by SentinelOne found that only 26% of U.S. companies that fell victim to ransomware and paid the ransom were able to access their files. And even if the hackers honor their end of the deal, they may attack again. In fact, organizations that ponied up the cash were hit again 73% of the time. What’s worse is that some cybersecurity providers are in cahoots with hackers, splitting the ransom between them.

 

MSPs at Risk

 

Managed service providers (MSPs) are often the strongest line of defense against hackers. Unfortunately, hackers know this and have started to attack the software and systems that MSPs use to protect customer data. By infecting these systems with malware, hackers can access account credentials and use them to log in to customer accounts. They can then obtain bank accounts, addresses, phone numbers, credit card numbers, and other private data.

 

How Can MSPs Fight Back?

 

As hackers become more adept, MSPs need to step up their game. Frequent testing of defense systems, backup and recovery plans, and other cybersecurity measures is a must. The National Institute of Standards and Technology (NIST) has published a framework to mitigate cybersecurity risk to assist MSPs in keeping hackers at bay.

 

As is the case in medicine, prevention is the best cure for cyberattacks. Cities, corporations, and businesses must work together with MSPs to reduce their likelihood of being targeted and have multiple plans in place if a breach occurs. By staying proactive, the good guys can make it difficult for hackers to get what they want.