In today’s busy digital age, new cybersecurity developments appear every day. At the end of 2019, Canadian health diagnostic testing company LifeLabs reported that the private information of 15 million patients had been compromised. In the first week of 2020, the geopolitical standoff between the United States and Iran raised the chances of a damaging cyberattack. And just this week, security experts found evidence of ransomware perpetrators publishing critical business data on the dark web.
It all adds up to a major plot twist on the traditional storyline behind data breaches and cyberattacks. Ever since the WannaCry virus brought ransomware to mainstream attention back in 2016, data backups have been touted as a preventative measure against infection and data loss. But with this alarming new development about ransomware tactics, even a business that decides to pay a hacker the requested ransom can still suffer in the long run.
Particularly vulnerable targets include industries with weaker cybersecurity defenses: think state and local governments like those impacted in 2019, along with healthcare companies like LifeLabs. The Toronto-based company alerted customers to look out for identity theft and other issues related to a data breach while downplaying the threat to more than a third of the entire Canadian population. “The view of these crimes is they are not actually interested in the individual data themselves,” Charles Brown, LifeLabs President and CEO, told the CBC’s Early Edition. “They are interested in the company.”
How Can Attacks like This Be Prevented?
The good news is that forward-thinking cybersecurity protection can make a big difference in keeping your business, your systems, your information, and your employees safe.
Properly deployed intrusion detection tools like SIEM/SOC can highlight cybersecurity vulnerabilities before hackers exploit them. Network traffic analysis can recognize indications for suspicious activity, matching specific issues seen on one system to wider trends in the digital world. All of this can help to prevent the loss or encryption of critical data, with a trusted IT partner providing a wall of protection around your information.
Whether it’s one or two employees looking for phishing attempts or red flag messages, or a more robust IT team keeping an eye on underutilized or unused accounts, email monitoring can go a long way to keeping your business safe. Often the people who work at your company can provide the first line of defense, identifying misspelled domain names or poorly written body copy and preventing an email-based infection before it starts. More powerful tools can use automated learning to identify fresh phishing themes and change email rules accordingly, as well.
A trusted business partner that specializes in IT infrastructure can help with this task. All network security device logs should be regularly monitored for command and control activity, and strong firewalls should be able to detect and prevent unauthorized access. If any irregularities are identified, unneeded ports and protocols can be shut off. Access to Remote Desktop Protocol (RDP) should also be closely watched, as this tool can be exploited to infiltrate a user’s computer and change administrative settings which can lead to infection from viruses, malware, and ransomware.
Many times, simply neglecting to install a critical software update can lead to cybersecurity problems. In 2016, the WannaCry ransomware attack compromised a vulnerability in Microsoft’s operating system—one that the company had issued a patch for but many computer users had failed to deploy. At CMIT Solutions, our proactive approach to IT security means that our clients receive these patches and updates automatically and during off hours when they won’t affect employee productivity.
Although the data backup solution to ransomware prevention isn’t as foolproof as we once thought, it’s still essential to mitigating the damage from any disaster, whether natural or manmade. Free consumer solutions aren’t enough for most businesses, either—your IT partner should be securely and reliably backing up your data to multiple locations. Testing your backups is important, too—to ensure they’re functioning properly so you can quickly restore your data in the event of a cyberattack.
Fast action can often reduce the impact of a data breach or ransomware infection. If you think you’ve been breached, shut down your computer immediately and disconnect it from all Internet connections and local networks. Moving forward, a cybersecurity expert like CMIT Solutions can help you change your company’s public IP address so that any information shared on the dark web is no longer relevant to your current system settings.
CMIT Solutions is committed to helping clients prepare for and protect against any data breach issue. We defend your data, secure your network, and empower employees to work productively and efficiently, even in the face of changing cybersecurity tactics.
Want to understand the threat landscape better? Afraid your information has been compromised? Determined to keep your data safe? Contact us today.