The Ultimate Small Business Owner’s Guide to Ransomware

 

 

Your employee innocently clicks a link within an email or visits a sketchy website and the next thing you know your digital assets are being held hostage by a cyber attacker. It only takes a few keystrokes to cause potentially irrevocable damage to your systems, and hackers are always looking for new victims. With ransomware, you may be able to regain full access to your files and other digital assets — but at what cost to your business? No size of business is immune to cybersecurity assaults, and ransomware is on the rise in small businesses. In this Ultimate Small Business Owner’s Guide to Ransomware, you’ll learn more about the threat, tips to protect your business and suggestions on how to recover after your business has been infiltrated.

 

What is Ransomware?

 

Ransomware is a specific type of malware that results in you losing access to your digital assets until a ransom is paid to the attacker. The assumption is that as soon as you have paid the cybercriminal, you’ll regain access to your information — but there is no guarantee that hackers will unlock your files after payment. The loss of access to your information and business systems can be crippling for your business, sending productivity into a downward spiral and frustrating customers and vendors alike. The faster you or your IT security provider are able to react, the more you will be able to limit the damage done to your organization and reputation due to ransomware. The three primary types of ransomware are:

 

  • Data encryption or fundamentally changing the format of your files
  • Programs that hijack your desktop files and require payment to unlock them
  • Mobile ransomware that prompts you with payment instructions

 

Each type of ransomware presents particular challenges for your organization.

 

Dangers of Ransomware

 

Aside from losing access to your files, your business may effectively be at a standstill with a widespread ransomware attack. Computer and phone systems, your website, your email servers — all are interconnected and can be vulnerable to this type of aggressive malware. Today’s data and technology platforms are often tied tightly together which expands the reach of a particularly malevolent attack. The effects can be far-reaching, from an inability of customers to place orders or check order status to causing your automated production lines to grind to a halt. Until you are able to regain access to your data and files, your business may be relying only on printed information. This is particularly damaging when you consider how many of today’s offices are going paperless.

 

How is Ransomware Spread?

 

Ransomware is spread in a variety of ways, but the most common is through someone clicking a link within an email or visiting an infected website. These back doors to your systems provide hackers with easy access to business-critical systems and information, allowing them to virtually lock the door to your digital assets. Social engineering is another way that unsuspecting staff members are tempted to provide the keys to the virtual kingdom. Hackers are becoming extremely deft at using information stored on social networks to create ads or messages that seem to be from trusted colleagues — yet lead to malware.

 

Are Small Businesses Vulnerable to Ransomware?

 

You may think that only larger businesses with deep coffers would be tempting to cybercriminals, but small businesses are considered quite vulnerable and may be ideal targets for a quick attack. Small business owners are often lulled into having a false sense of security thinking that they are too small to be a target. A 2018 data security report by Verizon shows that 58% of malware attack victims were small businesses. Stealing your customer information can be the work of a few hours for a hacker, and these data points are extremely valuable on the dark web. It’s relatively easy for individuals to gain access to the tools that are required to break through basic security measures. It’s crucial for small businesses to stay informed and enhance their security profile in order to protect sensitive competitive and customer information.

 

How Can I Protect My Small Business from Cyber Attacks?

 

Protecting your small business from cyber attacks begins with assuming a more aggressive security posture. It’s no longer a matter of simply scanning emails for viruses and adding a firewall. The increasing scope of data breaches means you will need to either invest in internal security infrastructure or work with qualified professionals who specialize in cybersecurity. Protecting your business from ransomware and other cyber attacks requires a range of protective measures, including:

 

  • Staff training on creating adequate passwords and the importance of never sharing passwords
  • Limiting data and systems access for unauthorized users
  • Thorough review of endpoints, including secure employee and guest WiFi access
  • Close monitoring and review of when and how contractors are allowed access to systems
  • Maintenance of government regulations and compliance mandates
  • Advanced antivirus software, preferably with active monitoring
  • Regularly reviewing and enhancing backup and recovery strategies
  • Applying software patches and updates in a timely manner

 

Each of these strategies will take time and effort to implement, and they all work together to help protect your organization from being the target of a ransomware or other type of malware attack.

 

Recovering After a Ransomware Attack

 

Understanding the type of ransomware that has been added to your system is the first step in recovery. This will help you or your technology service provider determine the next steps for restoring full system usage. If you planned ahead and have a solid backup and recovery program, this is likely when you’ll begin taking those steps. IT security professionals recommend taking these steps to recover from a ransomware attack:

 

  • Disconnect everything to limit infiltration to unaffected systems
  • Take pictures or screen captures of the ransomware screen, including the payment requirements and information
  • Begin taking steps for recovery
  • Learn more about the specific type of ransomware that is affecting your system
  • Determine whether you are able to completely restore your systems from backups

 

Finally, create a crisis communication strategy that will allow you to provide customers and employees with the information they need to continue working after the attack.

 

The best option for your business to survive a ransomware attack is to avoid it — but that’s not always possible. Become educated on the dangers of this particular type of malware and how you can prevent it, or you risk becoming yet another statistic in the ongoing fight against cybercriminals.

Why Do Hackers Target Small Businesses?

 

 

Why Small Companies Are the First Target for Online Hackers

 

According to the SBA, a small business employs fewer than 500 people and realizes less than $7 million in profits annually. This standard defines a small company across the global business world. A large percentage of these smaller businesses operate as privately owned companies. Hackers are especially targeting these smaller businesses with 10-250 employees. Many of these companies use a weak online security system.

 

It is vital that business executives of these smaller companies sharpen their IT systems. Additionally, it is critical that all large company CEOs in this twenty-first century become educated about hackers targeting small businesses. Many business executives, business owners, C-level executives, and business managers may ask:

 

What does this information have to do with my corporation?

 

Times have dramatically changed. The small business owner is now a big target to get to larger companies. This little fish in the world of trade leads to a much bigger catch, namely larger corporations. This method that hackers now use has seen an increase of over 250 percent over a year ago, an unnerving thought.

 

We live in a dramatically different world today. We live in a digital world, like it or not. Small business owners, especially aged business owners, can no longer do things from an old school perspective. No longer can business be done via pencil and paper. If owners do not have an active internet presence, the company does not thrive. This increasing and necessary internet presence is dangerous. It is an immense playground for hackers who can close the doors of many small business owners and do irreparable damage to larger corporations.

 

Protecting Company Assets and Great Reputations

 

All business owners must protect their excellent reputation and their company’s assets. It is critical that business professionals across the globe seek to increase their knowledge of why highly secured IT systems are so vital to their business and online presence. Sharpened IT technologies can protect your company from hackers targeting smaller businesses. Hackers now utilize the small business owner first as a stepping stone to gaining sensitive information from large corporations worldwide.

 

What is Drawing Hackers to Small Businesses?

 

Hackers are working hard to send dangerous viruses, malware, or phishing attacks through small business systems. Hackers are leveraging extortion against small business owners to get to larger corporations. Perhaps the small business owner does not have a quality, highly secured IT system to protect their company from these hackers. Hackers use information gained from small businesses linked to large companies to con the smaller companies into handing over sensitive corporate data.

 

The smaller business has a more significant presence online. These smaller companies use Cloud services, which are grossly unprotected, unencrypted, and readily accessible to hackers.

 

What Do Hackers Want With Company Files?

 

There is a lot of personal customer information hackers find vital to their existence such as names, dates of birth, Social Security numbers, phone numbers, financial numbers, and more personal details. Hackers use this personal information to get money, or they sell this information to other entities who will use them. This private and sensitive information equals millions of dollars to hackers.

 

The methods hackers use to infiltrate companies cycle in popularity. The use of ransomware has increased dramatically in popularity over the last few years. Ransomware infects a company’s PC and encrypts its files, denying that company access to its records. Hackers hold this vital information for money. Companies know that the information contained is worth a lot more money than the pirates demand. This method leaves small business owners no choice but to pay up. Hackers target small businesses across the globe as a vital link to infiltrate larger companies. The best security a CEO can have is firm security for online presence. IT professionals highly recommend an up-to-date and secure computer system. Additionally, recommendations are for an offsite backup.

 

How Can Small or Large Companies Avoid Attacks by Hackers?

 

Companies across the globe must follow strict guidelines and laws in place protecting sensitive data. If companies do not follow these laws, there are severe penalties. These penalties can be so expensive to the company that it must close its doors. These set guidelines tell businesses the following.

 

  • How to store vital, personal information
  • How to safely access sensitive information
  • How to protect confidential information
  • How to save and protect a customer’s financial information such as credit card and banking numbers

 

A breach in any company’s files is a nightmare which is liable to ruin the reputation of an excellent company. It takes many years for that company to regain the trust of clients. Some corporations never recover the confidence of their clients.

 

It is vital that all businesses have reliable and secured IT systems to ward off online attacks by hackers.

 

Educate employees never to hand over sensitive information to people unknown to them. Employees must protect information about their company’s customer base, vendors, and suppliers.

 

Stress the importance of employees developing strong passwords and frequently changing passwords.

 

Checking and deleting all emails sounding sketchy is vital.

 

Employees must be aware of all of their online actions.

 

Never store sensitive information in Cloud services. These services do not offer encryption, and they are easy for hackers to access.

 

Security systems are continually changing as much as hackers change their methods of breaching firms. Initiate sound online security systems, back up sensitive information offsite, install updated software, and remain vigilant concerning severe hacker attacks and possible damage to the company.

 

Large and small companies across the globe yearn to be a trusted entity for clients. Trust may take years to earn and longer to get back when lost. Sometimes trust, once lost to hackers, is never regained.

The Risks Of Using Auto-Complete For Passwords

 

 

The auto-fill feature that makes it easy to enter in usernames and passwords on various websites may be putting your information at risk.

 

While auto-fill is a convenient way to keep track of the many combinations of letters, numbers and special characters you need to access sites, the feature is also being used by advertisers and hackers. That’s why many security experts are suggesting turning off the auto-complete feature in your web browser.

 

Password manager programs embedded in browsers are a simple way to get access to a password-protected website. The password manager auto-fills your details, giving you one-click access to account information meant to be kept private.

 

How Hackers Get Access

 

If hackers get access to a compromised website, they can put an invisible form on the site and easily collect users’ login information. If your browser automatically enters this information when it sees the appropriate boxes on a web form, it adds the info everywhere those boxes are found on a page, whether they’re seen by the user or not.

 

Because most web users use the same username and password for multiple sites, the theft of this information on just one website can expose your information on many others.
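A site owner can audit their own pages for the invisible credential fields described above. The following is an added example, not part of the original article: it parses HTML and reports username, email and password inputs that are hidden by their own inline style or by an ancestor element. The function names, the sample page and the list of hiding patterns are assumptions; only inline styles and the `hidden` attribute are checked, so fields hidden through stylesheets or scripts are out of its reach.

```python
import re
from html.parser import HTMLParser

# Elements that never take a closing tag, so they are not tracked as ancestors.
VOID_TAGS = {"area", "base", "br", "col", "embed", "hr", "img", "input",
             "link", "meta", "source", "track", "wbr"}

# Inline-style patterns that keep an element out of the user's sight (heuristic list).
_HIDING_STYLE = re.compile(
    r"display\s*:\s*none"
    r"|visibility\s*:\s*hidden"
    r"|(?<![-\w])opacity\s*:\s*0(?:\.0+)?\s*(?:;|$)"
    r"|(?<![-\w])(?:left|top)\s*:\s*-\d{3,}px"
    r"|(?<![-\w])(?:width|height)\s*:\s*0(?:px)?\s*(?:;|$)",
    re.IGNORECASE,
)
_CRED_NAME = re.compile(r"user|login|e-?mail|pass", re.IGNORECASE)
_CRED_AUTOCOMPLETE = {"username", "email", "current-password", "new-password"}


def _is_hidden(attrs):
    """True if the element hides itself via the hidden attribute or inline style."""
    return "hidden" in attrs or bool(_HIDING_STYLE.search(attrs.get("style") or ""))


def _is_credential_input(attrs):
    """True for inputs a password manager is likely to auto-fill."""
    input_type = (attrs.get("type") or "text").lower()
    if input_type == "hidden":      # e.g. CSRF tokens; not an auto-fill target
        return False
    if input_type in ("password", "email"):
        return True
    if set((attrs.get("autocomplete") or "").lower().split()) & _CRED_AUTOCOMPLETE:
        return True
    label = " ".join(filter(None, (attrs.get("name"), attrs.get("id"))))
    return input_type == "text" and bool(_CRED_NAME.search(label))


class HiddenCredentialFieldAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self._stack = []     # (tag, hides_itself) for every open non-void element
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        own = _is_hidden(attrs)
        inherited = any(hidden for _, hidden in self._stack)
        if tag == "input" and _is_credential_input(attrs) and (own or inherited):
            self.findings.append({
                "line": self.getpos()[0],
                "field": attrs.get("name") or attrs.get("id") or "(unnamed)",
                "type": (attrs.get("type") or "text").lower(),
                "hidden_by": "own attributes" if own else "ancestor element",
            })
        if tag not in VOID_TAGS:
            self._stack.append((tag, own))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerate unclosed children.
        for i in range(len(self._stack) - 1, -1, -1):
            if self._stack[i][0] == tag:
                del self._stack[i:]
                break


def audit_html(html):
    """Return one finding per credential input the visitor cannot see."""
    auditor = HiddenCredentialFieldAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page: a normal login form plus fields hidden three different ways.
SAMPLE_PAGE = """\
<html><body>
  <form id="login" action="/session" method="post">
    <input type="hidden" name="csrf_token" value="constructed">
    <input type="text" name="username" autocomplete="username">
    <input type="password" name="password" autocomplete="current-password">
    <button>Sign in</button>
  </form>
  <div style="position:absolute; left:-9999px">
    <form>
      <input type="email" name="email">
      <input type="password" name="pw">
    </form>
  </div>
  <input type="text" id="newsletter_email" style="opacity: 0">
  <input type="text" name="search" style="display:none">
</body></html>
"""

if __name__ == "__main__":
    for finding in audit_html(SAMPLE_PAGE):
        print(finding)
```

Any finding on a page you operate deserves a look at which script or template put the field there.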

 

Not Just Hackers

 

It may come as a surprise to learn that hackers are not the only ones trying to use your login information. Some ad networks are using tracking scripts to grab email addresses stored in your password manager for auto-filling. That tech can be used to grab passwords too, whether stored on a browser or an independent password management site.

 

The ad networks are using the same technique as hackers — an invisible form that captures your credentials provided by the password manager. Here’s a helpful demo page that shows you how it works.

 

Ad networks are using this information not to hack your data, but to understand what sites you navigate to better target ads to you. And while they claim to only be grabbing email addresses, the potential for further abuse is there.

 

What Computer Users Can Do

 

Password managers by themselves are still useful tools, especially given the number of codewords we need to go about daily web browsing. It’s the auto-fill mechanism that needs to be disabled. That’s simple to do.

 

On Chrome

 

  • Go to Settings
  • Search for Passwords and click on the Passwords arrow
  • Toggle the Auto Sign-In tab to the left (it should be grayed out not blue)
  • For more protection, you can stop Chrome from saving any passwords by toggling the Offer to save passwords to the left

 

On Firefox

 

  • Open Options
  • Click on Privacy & Security in the left-hand navigation
  • Click on History
  • Select Firefox will: Use custom settings for history
  • A new submenu will appear
  • Unclick on Remember search and form history
  • To fully disable saving any passwords, go to the Logins & Passwords section (just above History) and unclick Ask to save logins and passwords for websites

 

On Safari (Desktop)

 

  • Open the Preferences window
  • Click on the Auto-fill tab
  • Turn off all features related to usernames and passwords

 

On Safari (iOS)

 

  • Go to Settings
  • Scroll down to Passwords & Accounts and click on it
  • Toggle the AutoFill Passwords tab to the left

 

Disabling the auto-fill features means spending a little more time finding and entering usernames and passwords manually. However, these steps protect you from prying eyes looking to gain more information about you and your accounts.

Will Cybercriminals Shutter Your Business In 2019?

 

 

If the frightening headlines about massive data breaches were not warning enough, upwards of 60 percent of all small and mid-sized businesses reportedly shutter within six months of a systems hack.

 

About 25 percent of valued employees reportedly repeat the same username and password across multiple platforms, a leading cause of nefarious systems incursions. Even worse is the fact that as many as 95 percent of all small businesses lack adequate protocols to safeguard important company or customer information.

 

In the coming months and years, cyber threats are expected to continue to pose a grave danger to the health and well-being of small and mid-sized organizations. The question business leaders may want to ask themselves is . . . will you join the 60 percent of companies that did not recover from a data breach?

 

Strengthen Your Business Defenses

 

Many of the toppled 60 percent may wish they knew then what many know now. That is, the key to cybersecurity does not solely depend on having the best software protections. According to the National Cybersecurity and Communications Integration Center, and Department of Homeland Security, nefarious email remains a primary trap used by cybercriminals and DHS recommends the following safety procedures.

 

“Never click on links in emails. If you do think the email is legitimate, whether from a third party retailer or primary retailer, go to the site and log on directly. Whatever notification or service offering was referenced in the email, if valid, will be available via regular log on.”

 

“Never open the attachments. Typically, retailers will not send emails with attachments. If there is any doubt, contact the retailer directly and ask whether the email with the attachment was sent from them.”

 

“Do not give out personal information over the phone or in an email unless completely sure. Social engineering is a process of deceiving individuals into providing personal information to seemingly trusted agents who turn out to be malicious actors. If contacted over the phone by someone claiming to be a retailer or collection agency, do not give out your personal information. Ask them to provide you with their name and a call-back number. Just because they may have some of your information does not mean they are legitimate.”

 

As you can surmise, these cyber safety measures do not necessarily rely on the latest antivirus software or systems protections. Hackers continue to take advantage of human oversight and error to infiltrate organizations and pirate valuable personal data and intellectual property. Homeland Security also recommends that business leaders implement the following employee training and protocols to protect against data breaches via email.

 

  • Maintain Secure Passwords: Change passwords regularly and never share them or provide co-workers with access.
  • Verify Sources: Make certain that emails originate from people and companies within your network by contacting them directly for verification.
  • Nix Auto-Download: Never use automatic download options for email attachments.
  • Never Click On Links: Embedded links are a primary method used by hackers to trip up team members through ransomware and malicious viruses.

 

Strengthening a company’s defenses begins with employee training and awareness that data breaches are not reserved for significant organizations and Fortune 500 corporations. Hackers continue to troll for low hanging fruit and unsuspecting employees who make innocent mistakes.

 

Employee Cyber Security Training is Job One

 

Although ransomware attacks reportedly declined from 638 million in 2016 to 184 million in 2017, according to Statista, this method has been used to target a tremendous number of small and mid-sized outfits.

 

The common attitude among cybercriminals is that decision-makers will ultimately weigh the cost of paying the ransom against potential profit losses and do the math. Hackers understand that poorly defended organizations are likely to negotiate and pay up. That’s why valued employees must remain vigilant and be a sort of human firewall if you will.

 

Proactive industry leaders are tasked with training employees and also determining which team members could be considered at risk. An IT support team can utilize training videos, create a cybersecurity policy and implement it by working with groups and individuals. But once the hands-on work has been completed, it’s imperative that companies conduct ongoing cybersecurity evaluations. These are logical methods to consider.

 

  • Identify team members who could be best targeted by hackers.
  • Deploy unscheduled mock cyber attacks.
  • Create and release convincing but harmless mock ransomware links via email.
  • Require employees to complete cybersecurity training modules.
  • Require advanced training for those who are tripped up by mock cyber attack drills.

 

We may be living in a golden age of technology, but our everyday fallibility remains the threshold that cybercriminals use to break into our business systems and rob our valued customers and us of critical data. One of the primary ways to avoid joining the 60 percent who are out of business is to make team members aware of cyber dangers and provide them with the skills to combat cybercriminals.

Top 8 Cybersecurity Concerns For Local Businesses

 

 

As businesses add more layers of cybersecurity to their arsenals, cybercriminals are finding new ways to attack systems, networks and devices. There is a constant stream of emerging threats that can mean trouble for companies of any size.

 

Why Is Data Security a Major Challenge Going Forward?

 

Businesses today are realizing the vast opportunities that come from leveraging, monetizing and collaborating on their collected data. That means companies need to protect their data not only from privacy breaches but also from data misuse, data manipulation and loss of intellectual privacy.

 

Data validity, for example, is one emerging area of cyberattack. Data need not be stolen to hurt a business’s reputation. Instead, hackers could alter data so that it becomes invalid or inaccurate, delegitimizing business outcomes and partnerships.

 

Industries need to identify and deploy new technologies that protect data while it’s at rest and in transit. Privacy risks related to data in use are hindering the full realization of data collaboration, limiting the opportunities available to companies.

 

Here are 8 other cybersecurity challenges that businesses need to combat now or in the near future.

 

1. Chatbots at Risk

 

Artificially intelligent chatbots have become commonplace, helping to answer questions and guide web visitors to required information and action. Hijacked chatbots, however, could mimic existing tools to drive victims to click on links, download malicious files or share private information.

 

Web application flaws could also be exploited to insert malicious chatbots into sites that don’t have one.

 

While these intrusions will likely be text-based bots for now, speech-enabled bots could soon lead to further victimization over the phone or other voice-enabled technologies.

 

2. Artificial Intelligence Means Powerful Malware

 

The rise of AI, the Internet of Things and machine learning means more opportunities for business transformation. They also invite more smart attacks using intelligent malware. Cybersecurity providers need to develop new means of detecting these threats and training personnel to recognize and prevent them. Many of these preventative measures need to be automated to provide continuous detection and prevention.

 

Part of the challenge is the sophisticated tools hackers are using. Updated exploit kits, artificial intelligence and natural-language algorithms have allowed hackers to automate convincing emails. Simple processes allow for the generation of emails to millions of stolen addresses with compelling phishing attempts.

 

3. Data Exposure

 

AI-enabled applications rely on data pools to power advanced functionality, both for smaller companies and giants like Amazon and Facebook. The increasing use of data pools means more potential for developers to expose information, often customer data. These data aren’t necessarily hacked; instead, they are left vulnerable and accessible to anyone who can find the vulnerabilities.

 

4. Cyberwarfare

 

Bad actors are no longer content with ransomware and phishing attempts. Technology advancements provide new opportunities for targeted and individualized attacks.

 

These attacks may leverage artificial intelligence to target individuals or corporations. Data integrity attacks, for example, could force organizations to completely replace computer hardware. Physical assaults could use drones and other tools.

 

5. Infrastructure at Risk

 

Nation-states will continue to wage cyber attacks on enemies with state-sponsored attacks on infrastructure. Attacks on national security, emergency communications, public health and financial systems could cripple governments and create spiraling consequences for the private sector.

 

Smaller conflicts could also be used as testing grounds for nation-states to assess new tactics, procedures and technologies that could be used in more significant geopolitical conflicts.

 

6. Data and Privacy Regulation

 

In 2018, the launch of GDPR, covering privacy issues for European Union citizens, forced companies to reevaluate their privacy and disclosure procedures. Similar privacy laws were approved in Canada and California. These new regulatory mandates are likely the first wave of protections that will force companies to spend more on cybersecurity, data transparency and reporting. As control of data begins to shift from institutions to individuals, companies are going to need better ways to monitor and report on compliance from multiple jurisdictions.

 

7. Connected Devices in the Crosshairs

 

With connected refrigerators, stoves, thermostats, doorbells and washing machines becoming the mainstay in many homes, the possibility of exploits is grave. Hackers will begin to identify and exploit vulnerabilities in these smart devices. Manufacturers will need to build in additional safeguards and architecture to meet growing consumer demand while keeping bad actors away.

 

8. Industrial Control System Risks

 

While there are more automated systems to allow for greater control of buildings, utilities and factories, there are inherent risks of exposure. Many of the players providing the technology in this space are new, making high-value targets all the more enticing to hackers.

 

Each year brings with it new technical innovations sure to drive better business outcomes. At the same time, hackers will find more sophisticated means to create more effective intrusions.

10 Tips To Guard Against SamSam Ransomware

In July 2018, an article published by Naked Security stated that SamSam, one of the latest ransomware threats, has been one of the most costly and dangerous attacks in history. SamSam leeched at least $6 million from unwitting victims, some of which were well-known businesses and government operations.

 

SamSam ended up costing the Colorado Department of Transportation upwards of $1.5 million as of April 2018, according to the Denver Post. The FBI and Department of Homeland Security (DHS) agencies have stepped in with recommendations to help business owners keep themselves and their data protected from not just SamSam, but other malware as well.

1. Make changes to systems that rely on RDP remote communication.

If you don’t use the RDP service, disable it. If you do rely on remote communication, work with an IT consulting agency to implement upgraded patches that conform to current system operations.

2. Use firewalls to protect open RDP ports.

If your system utilizes open RDP ports and public IP addresses, make sure these are rightly protected with a firewall. Virtual private networks should be used to access these ports, so make sure all users understand how to access the systems even once they are protected.

3. Beef up system passwords and lockouts.

One of the easiest ways to defend against brute-force attacks is to beef up your passwords and lockouts that are in use. USA Today says passwords should be a random collection of characters (upper and lower case), at least eight characters long, and that you should use a different password for each application. Use strong passwords among shared devices just the same as you would on the internet.

4. Utilize two-factor authentication processes.

Two-factor authentication processes offer an extra layer of security for applications that have it available. Many business owners skip doing two-factor authentication because it saves time, but this is an easy way to make systems more secure.

5. Pay attention to system updates as they become available.

System and software updates are hugely important, whether they are manually implemented or automatically added. These updates are frequently released as new threats emerge to the surface that would otherwise compromise an existing system. Never turn off automatic system updates and have a business security expert check your system for updates on occasion.

6. Implement a reliable backup strategy.

If something happens and your system is compromised by a SamSam ransomware attack, you need to have a backup plan already in place. Therefore, it is critical to implement a reliable backup access strategy so your system and your data can remain accessible.

7. Enable system logs and keep them for at least 90 days.

System logs will record every login attempt through RDP ports and other applications. In the event of an attack, IT analysts will be able to pinpoint the exact time that the system was infiltrated, which can be really helpful to solve the problem.

8. Follow guidelines for accessing cloud-hosted services.

If you do have cloud-hosted data that you frequently access, follow that provider’s rules for accessing your data and do not ignore their guidelines. These rules are specifically in place to keep your information protected. If you are using third-party services that require RDP access ports, make sure the service is following the latest safety practices.

9. Keep network exposure at a minimum for critical hardware.

In other words, if you have a hardware system that can function without being interconnected to all other devices on the network, then operate it as a standalone component. Just because you can connect everything in the modern technology setting, it does not always mean that you should. If SamSam or another ransomware attacks, hardware that is not connected can be safe. Likewise, it is good if you turn off sharing between printers and other devices unless it is absolutely necessary.

10. Restrict users from running software and opening emails.

Only trusted people within your business should be allowed the privilege of running software on any system. Therefore, make sure all users have a clearly outlined set of access permissions and restrictions. It is also essential that email attachments are carefully handled, which means not every user should be allowed to open, access, or view email attachments.
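What the log review in item 7 can look like, as an added example that is not part of the original guide: it finds successful RDP logons that follow a burst of failures from the same address, and checks that retained logs reach back 90 days. The CSV layout, column names and log rows are constructed for illustration; 4624/4625 and logon type 10 are the standard Windows Security event values.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: a CSV export of Windows Security events (assumed layout).
# 4625 = failed logon, 4624 = successful logon, logon type 10 = RDP.
# Source addresses are documentation ranges (RFC 5737), not real hosts.
SAMPLE_LOG = """\
time,event_id,logon_type,account,source_ip
2019-01-04T02:10:01,4625,10,admin,203.0.113.7
2019-01-04T02:10:03,4625,10,admin,203.0.113.7
2019-01-04T02:10:05,4625,10,administrator,203.0.113.7
2019-01-04T02:10:09,4625,10,backup,203.0.113.7
2019-01-04T02:10:14,4625,10,backup,203.0.113.7
2019-01-04T02:11:30,4624,10,backup,203.0.113.7
2019-01-04T08:58:12,4625,10,jsmith,198.51.100.20
2019-01-04T08:58:40,4624,10,jsmith,198.51.100.20
"""

RDP_LOGON_TYPE = "10"
FAILED, SUCCESS = "4625", "4624"


def find_suspect_rdp_logons(log_text, threshold=5, window=timedelta(minutes=10)):
    """Return successful RDP logons preceded by >= threshold failures
    from the same source address inside the time window."""
    failures = defaultdict(list)   # source_ip -> timestamps of failed logons
    suspects = []
    rows = sorted(csv.DictReader(io.StringIO(log_text)), key=lambda r: r["time"])
    for row in rows:
        if row["logon_type"] != RDP_LOGON_TYPE:
            continue
        when = datetime.fromisoformat(row["time"])
        ip = row["source_ip"]
        if row["event_id"] == FAILED:
            failures[ip].append(when)
        elif row["event_id"] == SUCCESS:
            recent = [t for t in failures[ip] if when - t <= window]
            if len(recent) >= threshold:
                suspects.append({"time": when, "account": row["account"],
                                 "source_ip": ip, "failures": len(recent)})
            failures[ip].clear()   # a success resets the count for that source
    return suspects


def retention_ok(oldest_record, now, required_days=90):
    """True when the oldest retained record is at least required_days old."""
    return now - oldest_record >= timedelta(days=required_days)
```

On hosts that use Network Level Authentication, failed RDP attempts are commonly recorded with logon type 3 rather than 10, so widen the filter to match how your systems log.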

Even though protecting your business from SamSam ransomware and other business cybersecurity threats can be time-consuming, it is these lines of protection that will save you from an expensive attack. Reach out to a cybersecurity expert for more information about adequately protecting your business network.

Are Your Employees Your Largest Cybersecurity Risk?

 

Regardless of the money businesses invest in cybersecurity, technology is only part of the cybersecurity puzzle. Regardless of new hardware, updated software and the best IT support team, cybersecurity is an ongoing commitment. Cybersecurity must be on the minds of every employee every hour of every day.

 

 

A Chain Is Only As Strong As Its Weakest Link.

This idiom is attributed to Thomas Reid who wrote “Essays on the Intellectual Powers of Man” in 1786. It first appeared in print in 1868 in the Cornhill Magazine. Simply put, it means that a group of people can only be as strong or successful as the weakest or least successful member.

 

Email is a favored method of cybercriminals – email is used to transmit ransomware, viruses and other harmful software.

 

Each email that each employee opens represents a cybersecurity threat. Only with a continuous and ongoing employee awareness program can you have an effective cybersecurity solution. It only takes one employee opening one email to expose your business to a cyber-attack.

 

Employees come and go – make sure that critical passwords are changed when an employee leaves. Be sure that new hires understand your cybersecurity policies and know to whom they should report potential risks.

 

What Can Businesses Do to Ensure Employees Don’t Pose a Security Risk?

First, ensure that you have a firewall, up-to-date anti-virus software and a spam filter. Always make sure that every new computer, laptop or tablet is up-to-date on these items before it is given to an employee.

 

Email 101. Teach email safety. These simple questions will help employees evaluate emails that originate from unknown senders.

  • Who is this email from? Virtually every email should be originating from a fellow employee, a supplier or a customer.
  • Why am I getting this email? Emails should relate to an employee’s job description.
  • Are attachments safe to open? Have you taught your employees how to decide what types of files are safe to open?
  • Does an email threaten to cancel a credit card or close an account if you don’t pay money? Employees need to understand this might be ransomware.
  • Is an email really from someone known? Teach employees how to spot suspicious “look-alike” email addresses.
  • Does anything just not seem right about an email? Neither the IRS nor the FBI sends emails to employees.

 

Continuing Education for your Employees. People are people, and they forget. Employees need ongoing training about email safety. Keep the training short and exciting to keep their attention.

  • Weekly mini sessions – perhaps by the department.
  • Utilize a speaker from your IT provider.
  • Weekly email “Cybersecurity Tip of the Week.”
  • Share actual case studies (specific to your industry is ideal).
  • Monthly E-newsletter – could be part of your IT partner’s service.
  • Simulated phishing attack conducted by your IT partner.

 

The Power of Human Error

In spite of educating your employees, human error accounts for almost 50 percent of data breaches. The accidental loss of a device or a misplaced document may be the cause of a severe security breach. Shred-It vice president Monu Kalsi observes that the smallest bad habits may result in substantial security risks. Examples include:

 

  • Leaving a work computer unsecured while on break or in a meeting.
  • Leaving sensitive documents out on a desk overnight.
  • Accidentally leaving sensitive documents on an airplane (the Homeland Security Super Bowl debacle).
  • Leaving sensitive documents within view of others in a public space.
  • Using public Wi-Fi.
  • Sharing company-issued computer with family or friends.

 

Draft a written policy and provide it to each employee who works remotely, whether from home or while traveling.

 

Another potential source of human error may come from sub-contractors or vendors who have access to your facilities and/or employees. The Shred-It study showed that 20-25 percent of security breaches were caused by vendors. Ensure that all ties are severed when a vendor relationship ends – change codes for keyed entrances when there is a vendor change.

 

Attention to small details may save your company lots of money.

 

The Bottom Line …

Employees are human. They make mistakes or commit errors in judgment. They also forget. Invest in updates for firewalls, security software and well-trained IT personnel. Regular cybersecurity training for your employees protects your business from damaging cyber-attacks.

 

  • Update policies. Incorporate a clean desk policy to prevent unauthorized copying or theft of critical documents. Develop and institute a vendor policy and a remote employee policy.
  • Go paperless whenever possible. Invest in technology that scans essential documents into PDFs that are emailed to the owner of the document. Shred the document immediately after scanning.
  • Hard drive disposal. Destroy obsolete hard drives. Never throw them away because even deleted information can be retrieved by smart cybercriminals.
  • Lost device policy. Designate someone that employees can tell immediately if the equipment is lost or stolen.

Cape Cod Community College Hit With $800,000 Phishing Attack

Hackers Know How to Steal Money Anonymously

 

In West Barnstable, Massachusetts, Cape Cod Community College recently fell victim to a phishing scam that resulted in the school losing more than $800,000. The money was taken out of the school’s bank accounts. While this kind of scam is common these days, there are measures a business can take to prevent it. In the case of Cape Cod Community College, experts believe endpoint security solutions using next-generation technology would have prevented the monetary loss for the school.

 

 

The hackers of today are quite sophisticated, and if a business falls victim to one of their scams, there is often very little it can do about it. Hackers know how to remain anonymous and leave few, if any, digital footprints to follow. This means the likelihood of recovering one’s money is slim to none. That is why it is so vital to prevent these things before they happen by using proper technology.

 

The president of Cape Cod Community College, John Cox, disclosed the financial loss from the digital theft to the staff and faculty of the school in an email on December 7. By working with the bank at which the school’s accounts were held, the school has been able to recover about $300,000 of what was stolen, which is more than most smaller businesses would be able to do. It is unlikely they will be able to recover the entire $800,000, but they might be able to get some more of the money back by working closely with the bank, as they are doing.

 

Details of the Digital Theft

 

Cox gave an interview with a local newspaper after informing the workers at the college of the theft. In the interview, he revealed many interesting details about the theft, including:

 

  • The email that allowed hackers access to the school’s bank account information appeared to come from another college, so it seemed safe to open the attachment that came with it.
  • After opening the attachment, the person who initially opened the email believed the attachment was suspicious and alerted the school’s IT department. Alerting the IT department is standard protocol at the school when it comes to suspicious emails and attachments.
  • When the IT department did a diagnostic on the attachment, they found a polymorphic computer virus embedded in it. They quarantined the virus, but it had already gotten into the school’s computer network.
  • The scammers had a fake URL that seemed to go to TD Bank, where the college has its accounts. By placing phony calls to school employees to validate transactions, the scammers were able to make nine transfers out of the college’s bank accounts, totaling $807,103.
  • The scammers attempted 12 transfers, but workers at TD Bank recognized three of them as suspicious and did not allow them to go through.
  • Cape Cod Community College had recently installed next-generation endpoint protection software, but only on some of its computer networks. If it had been installed on all of them, the hackers likely would not have been able to gain access to the school’s bank account information and use it to transfer out the money.

 

Other Schools Have Had This Issue, As Well

 

Cape Cod Community College is not the only school to have this kind of issue in recent times. In June of 2018, hackers stole around $1.4 million from 21 account holders in the Connecticut Higher Education Trust.

 

Hackers are not just after money, either. They are out to cripple the schools they target. Sometimes, they don’t steal any money at all, but instead, generate outages of the computers at a particular school. This happened to a college in Wisconsin in June of 2018, and it resulted in classes having to be canceled for three days because the computer infrastructure to support the classes, students, and employees wasn’t there.

 

It hasn’t just been colleges being targeted, either. K-12 schools are also targets. A public K-12 school in New Jersey lost $200,000 in September of 2018 in a phishing incident similar to the one experienced at Cape Cod Community College.

 

Technology Companies are Stepping Up to Help Prevent This

 

Technology companies are stepping up in light of such incidents, creating phishing simulators to help schools teach their employees to avoid allowing their workplaces to become the next phishing victims. They are also reaching out to schools to increase awareness of the need for next-generation endpoint protection software, and to help schools install and use it.

FTC Issues Warning After Marriott Data Breach

In late 2018, the Federal Trade Commission (FTC) issued a stark warning about a massive data breach at a Marriott chain that exposed the records of 500 million people.

 

The latest major corporate breach reinforces the need for companies to invest in multilayered security protocols that protect networks, devices and users.

 

What Happened at Marriott?

 

Marriott International reported that a breach of its Starwood guest reservation system exposed personal information on millions of people. Hackers gained access to highly sensitive data, including names, physical addresses, email addresses, phone numbers, gender, and loyalty program data. Among the most potentially damaging information taken were passport numbers, dates of birth and payment card numbers and expiration dates. While the payment card data was encrypted, the company did not know if the hackers had also stolen the technology needed to decrypt that information.

 

The breach began in 2014 and could affect anyone who made a reservation on or before September 10, 2018, at any of the Starwood brands, which comprise Le Meridien Hotels and Resorts, Sheraton Hotels and Resorts, St. Regis, W Hotels and Westin Hotels and Resorts.

 

How Did Marriott and the FTC Respond?

 

Marriott sent an email to warn those who may have been affected by the breach. However, the company ran into some criticism in its response, too.

The emails came from a third party and not the chain itself. The domain, email-marriott.com, doesn’t load or have an identifying HTTPS certificate. That could lead other hackers to spoof the email and pretend they’re Marriott, duping consumers out of more personal information.
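An added example (not from the original guide) of the look-alike check behind both the “Email 101” question about look-alike addresses and the criticism of the notification domain above: it classifies a sender's domain against an allow-list. The allow-list, the function names and the sample addresses are assumptions made for illustration.

```python
# Assumed allow-list for illustration; build yours from the suppliers,
# customers and banks your business actually deals with.
TRUSTED_DOMAINS = {"marriott.com", "example-supplier.com"}


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(address):
    """Lower-cased domain part of an email address."""
    return address.rsplit("@", 1)[-1].strip().lower().rstrip(".")


def classify_sender(address, trusted=TRUSTED_DOMAINS):
    """Return 'trusted', 'look-alike' or 'unknown' for the sender's domain."""
    domain = sender_domain(address)
    # Exact match or a subdomain of a trusted domain.
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return "trusted"
    # Non-ASCII letters in a domain can imitate ASCII ones (homoglyphs).
    if not domain.isascii():
        return "look-alike"
    labels = domain.replace("-", ".").split(".")
    for t in trusted:
        brand = t.split(".")[0]
        # Brand name embedded in a different registered domain.
        if brand in labels:
            return "look-alike"
        # Only a character or two away from a trusted domain.
        if edit_distance(domain, t) <= 2:
            return "look-alike"
    return "unknown"
```

A genuine notice sent from email-marriott.com lands in the same “look-alike” bucket as a spoof would, which is why notifications are easier to trust when they come from the company's own domain.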

The company has offered a year’s worth of free internet site monitoring that generates an alert if evidence of a consumer’s personal information is found. However, the service is not available in all countries. U.S. consumers also can obtain free fraud consulting and reimbursement coverage.

The FTC encouraged consumers to check their credit reports and credit card statements for accounts or activity that’s not recognized. The agency also suggested placing a fraud alert or freeze on their credit reports.

 

What Can Companies Do To Prevent These Issues?

 

To ensure that your systems and networks are protected adequately from such intrusions, it’s wise to invest in a comprehensive assessment of your existing security defenses. An experienced IT services provider can assist with this assessment and recommend improvements to shore up areas that are lacking.

Today’s companies need a blanket of protections on several levels, including:

  • Network Perimeters. Advanced firewalls guard your network’s perimeter and issue alerts when suspicious activity is detected. With 24/7 automated monitoring in place, companies can be confident that unusual behavior is identified, contained and addressed before significant harm can be done.
  • Devices. Every device on your network needs to be protected with advanced anti-virus, anti-spam and anti-phishing detection systems. These applications should run continuously in the background and be updated automatically to address emergent threats. By quarantining suspicious emails, these tools help prevent users from unwittingly providing access to bad actors.
  • Authentication. Companies are increasingly using multi-factor authentication protocols to safeguard access. Multi-factor authentication, for example, may involve completing additional steps after entering a password, such as typing in a code texted to a registered mobile device or clicking on an email link. While these protections may be a minor annoyance to some users, if a device is stolen or lost, the procedures can keep access protected.
  • Cloud Backups. Storing data and applications in the cloud helps keep your critical information protected. Cloud providers and managed IT services companies use both digital and physical safeguards to make sure that data is encrypted and accessible in a moment of need.
  • Business Continuity. When a natural disaster or hack occurs, your operations can be offline for days or weeks unless you’ve planned ahead. Business continuity planning allows your company to develop the protocols and procedures that will be deployed during and after a disaster. This planning involves identifying the people and responsibilities to manage these events, developing risk assessments, testing the responses and making adjustments as necessary.

This broad approach to security helps minimize the likelihood of a Marriott-level incident damaging your company’s business and reputation.