Late last year, as well as more recently, two major cyber attacks occurred–one at SolarWinds via their software platform in December of 2020, and one at Colonial Pipeline just this month. These attacks are even more serious than one performed by a lone attacker, and signal how vulnerable networks can be. Not only do businesses need to use tools to protect their own computer networks, but to share information with other companies. Read on to learn how your company can protect itself against cyber attacks.
Recent Cyber Attacks a Wake-up Call
Last December, IT management company SolarWinds was attacked by hackers who inserted malicious code in what seemed a normal software update. What’s ironic is that the very platform used to monitor threats, was the one targeted. The bad code allowed the perpetrators to hack numerous government agencies and private companies, possibly stealing untold amounts of data. The company’s platform was used in this sophisticated attack, and the software update was downloaded by some 300,000 users. Through the download, the perpetrator was able to penetrate deep into companies’ and agencies’ networks. More recently, Colonial Pipeline was targeted in a potential attack on electrical supply to the East Coast via the gas pipeline. While investigations are still underway in each incident, foreign state actors are thought to be responsible. Both these attacks show how vulnerable companies can be. Could there have been a way to prevent the attacks, to see them coming? In spite of all the precautions companies take to shield their networks, cyberattacks seem almost inevitable.
Ways to Protect Your Company Against Ransomware
Of course, companies should continue doing things like remote network monitoring, maintaining current anti-virus and anti-malware definitions and training their staff to recognize possible attacks. Commonly hackers try to get into a system by phishing–trying to trick the recipient of an email into clicking a link, providing the attacker a way in. Employees need to be trained to recognize a phishing email by telltale signs (spelling errors in the email) and to inform a supervisor about the email. Yet there’s another step to take. This involves people–sharing information with other companies about attacks and threats of attacks. Commonly and unfortunately, there is a stigma to experiencing a cyber attack; a company doesn’t want to be considered weak. But think how much stronger companies could be when they depend on each other to be aware of new threats, and can band together against cyber crime. Along with this practice, a company can continue educating their staff to recognize phishing attacks and to be careful with passwords (making them difficult to guess, and changing them frequently). Every device connected to the network needs to be monitored, and ones suspected of being attacked, quarantined (disconnected) to keep the network secure.
Tools and technology like malware protection and network monitoring should always be a part of your cybersecurity plan. People can also play a role, by reporting possible attacks and sharing information. To learn more about refining your strategy for network security, contact us today.
The more technology advances, the more businesses must be aware of security breaches and hacker attacks. Where are hackers likely to strike in 2019, and how can you protect your business? Read on to learn more about new and existing cyberattacks to avoid.
Toll Fraud Likely to Threaten Businesses
Toll Fraud is an emerging cyber threat to watch out for. Toll fraud may happen when an attacker accesses your phone system to make fraudulent calls, possibly by posing as a new customer, placing calls (including expensive long-distance calls) directly from your business’s phone lines — on your dime! Cybercriminals may target businesses with in-house phone systems, rather than ones with Voice over IP (VoIP) systems. Toll fraud can be recognized and prevented through monitoring of a VoIP system.
Be on Look out for Phishing Schemes
Phishing typically uses emails to lure your employees into clicking on links that download malicious software (Malware). In addition, Phishing schemes may also get your employees to share internal information including passwords, confidential information, privacy information, financial information, patents and more. Educating your staff on how to recognize suspicious links and report them is your first line of defense.
Ransomware is Everywhere
Employees can also introduce Ransomware to your network, that can travel to all attached devices including your server. Once infected, you will be held ransom to regain access. If you pay, you are likely to be targeted again. Avoid ransomware by having strict policies to prevent thumb drives, guest PCs and other non-compliant devices attaching to your network. Having a reliable backup of your systems is a way to rapidly recover without paying the ransom.
While firewalls, anti-virus SPAM filtering, and penetration testing can help deter cyber attacks, human beings play a role in staying safe. To learn more about how to respond to upcoming threats, contact your technology advisor today.
Ransomware, spyware, phishing schemes, and other Cyber attacks are commonplace in today’s world of technology. According to a recent article in Forbes, ransomware attacks grew at an accelerated pace in 2016 with reports of 638 million attacks, almost 200 times more than the number of ransomware attacks in 2015. Most experts agree that Ransomware attacks will continue to occur–so what can you do to avoid being a ransomware hostage?
Not All Ransomware is Created Equal
Before you panic, find out what type of Ransomware you are up against. Scareware is a type of Ransomware that tricks you into thinking you have a bigger problem. A simple scan may quickly remove the pop from your browser cache and get you back on your way. Some ransomware is truly nasty — your entire system may be encrypted, meaning you will need to wipe your system and start over if you have a good backup. Otherwise, you may find yourself hostage to the cybercriminals to unlock your data.
An Ounce of Protection is Worth a Pound of Ransom
Data protection is an important element in minimizing the impact of Ransomware. Make sure your network security is fully compliant. Backup your data, update your antivirus definitions and make sure your security patches are up to date. Consider using Cloud Backup, Security as a Service, and Managed IT services to keep your network up to date. Having a strong offense to avoid ransomware is your best defense.
Don’t Forget the Human Element
Train your employees on a regular basis on the importance of staying vigilant against Cyberattacks and how to avoid being a hostage. There are many resources to get training for your team. Periodic updates about threats and security procedures serve as a reminder to your employees to ensure they adhere to best practices.
If you need security training or are interested in a review of your network, security vulnerability, or other technology infrastructure, contact your Technology Advisor today.