Ransomware: Fact Vs. Fiction

The ideal time to make sure you’re protected is before you’re attacked. Far too often, people call us after they are in trouble. In general, if you have a feeling things aren’t quite right, they’re usually worse than you suspected.

Whether you’re a small or large company, the need to protect the goodwill you have built up with clients is vital. Ransomware is a type of cyber attack that prevents people from accessing their information, often resulting in a permanent loss of data. In many cases, the ransomware attackers copy your most sensitive information and promise to release it on the dark web to other hackers to commit additional criminal acts if you don’t pay their ransom demand.

What would your clients think of your brand if the data they gave you ended up on the dark web?

Different Types of Attacks

Modern-day hackers are getting increasingly aggressive and are carrying out their attacks in far more intelligent ways than we expect. While they are clever and devious, we are not honoring these criminals and don’t recommend paying the ransom to fund their criminal activities and lifestyle.

Let’s take a quick look at the two most common types of attacks:

  1. A targeted attack is when hackers are spear phishing a particular person and have thoroughly researched them using social media posts, public listings, and data, including logins, stolen in previous data breaches.
  2. Casting a wide net is when hackers send out a massive email campaign in hopes they get a few victims to respond out of the hundreds of thousands of messages sent.

More recently, we’re seeing an increasing number of hackers who specialize in remote access. The objective is to sell the access they obtain to other criminal groups. These specialists seek to obtain remote access to computer networks and perform reconnaissance to determine the selling price. This remote access for a small business might be sold in a large bundle for as little as a dollar. The groups that purchase the access then use it to perform money transfers, hack into your bank accounts, steal login information, copy your sensitive data, and turn your systems into an encrypted mess with a ransomware attack.

Don’t Be a Walking Target

If someone in your company happens to answer the wrong email, your business can easily become a target. We hope this doesn’t happen to you, but if it did, what would be your biggest fear?

Typically, business owners we talk with are most concerned with the threats listed below:

  1. Insiders stealing information
  2. Competitors stealing information
  3. Hackers exposing your data on the Internet
  4. Corruption or alteration of business records
  5. Cloud service provider outages
  6. Internet or network outages
  7. System hardware or software failures
  8. Ransomware attack
  9. Fraudulent transfer of funds from your bank accounts
  10. Cost of recovering from one of the above

Which ones are on your top 3 list?

You can create barriers between your personal information and hackers by becoming more aware of their tricks, using multi-factor authentication (MFA), using unique passwords for all logins, and trusting your gut when something seems wrong.

Recently, we’ve observed an increase in phishing emails claiming “you’re almost out of disk space, you need to click this link to increase your usage for your Google or Microsoft email account.” These types of attempts try to trick you into thinking there is an urgent need to take some action.

With security awareness training and advanced security tools, you and your team can reduce your exposure to these threats. One click on the wrong email could cost your business thousands and thousands of dollars to pay for the recovery.

Are You Protected?

One of the great things about the world we’re living in is how technology has helped us do business faster – with lower costs – and enabled entirely new businesses previously unimaginable. Our dependence on technology is often taken for granted until a disruption occurs. It might be a brief power outage or a multi-day Internet outage at your manufacturing facility or medical office that resulted from a cut cable or equipment failure.

When technology fails, it is important to have already taken the steps needed to keep your business operating under less-than-ideal conditions. Not so many years ago, businesses had manual procedures to operate without computers. For example, businesses that are based on appointments might print their appointment schedule for the next several days before leaving for the day. Does your business take any steps like this so you can operate under adverse conditions?

Has your technology team developed a system recovery plan and tested it to know it will work? Do you have battery backup for key network components and systems? If your Internet service is offline, do you have an alternative provider or the ability to relocate until service is restored? As the leader of your business, have you reviewed these plans, and do you trust they will work?

If you’re not able to answer yes to these questions, things are probably worse than you think. Today is the ideal day to reach out to CMIT Solutions for a second opinion.
