The New York Times revealed last week that, in mid-August, at least five American banks (including JPMorgan Chase & Co.) were hit by a wave of cyberattacks that stole gigabytes of information such as savings and checking account details. JPMorgan said it hadn’t noticed any increased fraud activity in the weeks since the breach, leading the FBI to speculate that the move could be politically motivated and possibly linked to recent economic sanctions against Russia.
But, unlike other recent cyberattacks that were traced to proxies of the Iranian government, the August hacks didn’t seem like they were intended to disrupt bank services. Instead, early reports indicate they were geared toward gathering intelligence. And in a stealthy way, that can seem scarier than a bald-faced attempt to commit fraud. Even more frightening was this quote from Patricia Wexler, a JPMorgan spokesperson: “Companies of our size unfortunately experience cyberattacks nearly every day. We have multiple layers of defense to counteract any threats and constantly monitor fraud levels.”
Now, most small and medium-sized businesses don’t represent the same kind of lucrative target as banking behemoths like JPMorgan. But they also don’t possess anywhere near the same level of cyber defenses. Which is where a trusted IT provider like CMIT Solutions comes in. We’ve kept a close eye on recent data breaches that have shaken the public’s confidence in online privacy and security, and we’ve accumulated valuable knowledge on how to avoid having your data compromised:
1) Recognize the threat of malware. Undetected malware was the cause of Target’s massive 2013 data breach, which has cost the company nearly $150 million so far. According to a threat report by security firm Check Point, in 2013, a new and unknown malware attack originated every 27 minutes. The leading email attachment file format used to infect computers was PDFs, which accounted for 35% of all infected file types. The bottom line? Do NOT click on any email attachment or embedded link unless you trust the sender or source and are expecting said attachment.
2) Give your systems the proactive attention they deserve. The US Senate analysis of Target’s data breach quoted a 2011 Lockheed Martin Computer Incident Response Team white paper: “Instead of installing static defense tools and waiting for the next attack, network defenders should continuously monitor their systems for evidence that attackers are trying to gain access to their systems.” At CMIT Solutions, we specialize in a similar type of proactive monitoring and management. Our backup and disaster recovery service employs top-flight encryption for data both at rest and in transit. At this point, a data breach is more a matter of when than if, so being prepared is crucial to surviving (and thriving) in today’s complicated IT world.
3) Understand that even the most stringent security measures may still not be enough. We’ve said it before, and it bears repeating: every employee, workstation, and mobile device represents a possible vulnerability. Most high-profile data breaches are the result of coordinated cyberattacks, but many smaller ones stem from a single stolen thumb drive or employee that inadvertently opens an infected email attachment.
4) Strengthen your passwords. The rash of recent data breaches makes this common-sense practice even more important. The Adobe breach in October that affected over 38 million users revealed a wealth of information. For instance, “123456” was the service’s most popular password, followed by “qwerty,” “abc123,” and “123456789.”
Worried about the negative effect a data breach could have on your business? Afraid your sensitive business information isn’t being properly protected? CMIT Solutions can help. We understand the critical nature of data security, and we work tirelessly to turn encryption, backup, monitoring, and disaster recovery from simple solutions to necessary competitive advantages. Contact us today to find out more.