Chamber Blog

The threats are many and varied.  Don’t be a victim.

June 13, 2018 | Real Tek Solutions, Inc. 

Small and medium businesses in the U.S. are the main targets for many cyber threats, perhaps because smaller businesses don’t have a formal IT Department.  Criminals want your data to sell or use against you.  Prominent threats this year are ransomware, phishing, and cryptojacking.

Ransomware is an attack in which hackers hold the company’s data hostage until a ransom is paid.  Paying the ransom doesn’t mean your data will be returned, so we recommend not paying.  Reports show a 400% increase in ransomware attacks from 2016 to 2017.  We have actually heard of Ransomware as a Service (RAAS), where any black hat wannabe can obtain ransomware code for a small fee and use it to make money.

Phishing is a cybercrime that occurs when attackers use social engineering (posing as a bank or the employee’s president) to trick the person into providing sensitive data or clicking a link to inject malicious code onto a computer.  Spear phishing is a very focused type of phishing scheme that often works because the email looks like a legitimate request for information.  Tax season scams are so bad that the IRS put phishing scams at the top of its “Dirty Dozen” list.  One study shows that 96% of cyber-attacks start in employees’ email Inboxes.

Cryptojacking occurs when a bad actor hijacks computers or mobile devices to mine for cryptocurrency (such as Bitcoin, Zcash or Monero).  Infections can occur when users of a compromised website download infected widgets.  While your business still has access to its data, you’ll notice the system moves very slowly and you might have a much higher energy bill.  Sometimes so much heat is generated that mobile devices are literally melted.  Worse, if a system is vulnerable to cryptojacking, it is also vulnerable to a more destructive attack.

There are several things you can do to protect your business:

  1. Use good anti-virus software. For example, we recommend having anti-virus and anti-malware software that is rated higher than Windows Defender, which is included in Windows 10.  Having a layered approach to security helps protect you from multiple threat vectors (entrance points), so make sure your mobile devices are protected too.  The best security keeps a threat from spreading to other computers.

  2. Make sure your computer operating system (OS) is up to date. If you’re running on an OS older than Windows 10, it’s time to upgrade because so many threats have been successful with Windows 7.

  3. Train your employees not to click on email links or open attachments (unless they were expecting the email) since that’s where most viruses and ransomware hide. Best practice is to train employees about security, test them with practical examples of phishing emails, re-train those who fall for the bait, and then analyze what worked and for which employees. Here’s a simple checklist to begin to educate your employees on how to avoid phishing:

  • Look at the return address.  Is it real?
  • If something doesn’t smell right, have the employee call the sender to verify the request.
  • Don’t click on a link in the email.  Go to the client portal through a browser.
  • Avoid all “too good to be true” offers.
  • Immediately delete suspicious emails.
  • Use strong passwords (longer is better; mix symbols, letters, and numbers; don’t use dictionary words; don’t write down the password).

  4. Specifically, for cryptojacking, you can use the Chrome or Firefox browser with the minerBlock extension, which combines blacklists with detection of potential mining behavior inside loaded scripts. Keep a frequently updated list of cryptojacking and cryptomining related domains and use the firewall to block them. This list is available by searching CoinBlockerLists. For your PC, check the Task Manager for unusually high CPU usage. For your entire infrastructure, use a full-scale monitoring application.

  5. Back up your data on a regular basis so you can restore your files if your network gets infected with a virus or ransomware. Unfortunately, no security plan is 100% foolproof, so be prepared: confirm the backed-up data has integrity by loading a small portion in a test environment.  Regular backups do no good if the data has become corrupted.  Consider redundant backups so if one backup fails, you’ll have more than one copy to recover from a disaster.
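
The domain-list advice in the cryptojacking step can also be used for detection. The following is an added example, not part of the original post: it checks DNS query log lines against a mining-domain list. The list format (one domain per line or hosts-file style), the log layout, and every domain and address shown are constructed assumptions.

```python
# Added example: blocklist entries and DNS log lines below are constructed.
SAMPLE_BLOCKLIST = """\
# constructed entries, not real mining domains
0.0.0.0 pool.miner.example
coin-script.example
127.0.0.1 localhost
"""

SAMPLE_DNS_LOG = """\
2018-06-13T09:01:12 10.0.0.21 www.example.org
2018-06-13T09:01:15 10.0.0.34 cdn.coin-script.example
2018-06-13T09:02:40 10.0.0.34 POOL.MINER.EXAMPLE.
2018-06-13T09:03:02 10.0.0.50 notcoin-script.example
"""

def load_blocklist(text):
    """Parse plain-domain or hosts-style lines into a set of lowercase domains."""
    domains = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        domain = line.split()[-1].lower().rstrip(".")  # last field is the name
        if domain != "localhost":
            domains.add(domain)
    return domains

def is_blocked(name, blocklist):
    """True if the name or any parent domain is listed (whole-label match)."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def flag_queries(log_text, blocklist):
    """Return (timestamp, client, query) for each query that hits the list."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, client, query = parts
        if is_blocked(query, blocklist):
            hits.append((ts, client, query))
    return hits

if __name__ == "__main__":
    for hit in flag_queries(SAMPLE_DNS_LOG, load_blocklist(SAMPLE_BLOCKLIST)):
        print(*hit)
```

Matching on whole labels catches subdomains of a listed domain without flagging unrelated names that merely end in the same characters.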

While it can be tempting to blow off the possibility of these threats, we urge you to take them seriously.  Continual vigilance is necessary, so you can avoid becoming a victim.