Data Breaches, Phishing and Ransomware

How to Keep Your Business Safe

Maintaining the security of your business and its data is more important than ever as attacks become more sophisticated with every passing day. The following is a rundown of the latest threats and what to do about them.

91% of all organizations suffered a cyber attack at least once in the last twelve months, and these attacks are increasing in number.  Small and medium-sized business is now a key target because they’re easier to hack.

Today you need a higher level of security to keep cybercriminals from:

• Stealing your information.
• Wiping your data.
• Blocking infrastructure operations.
• Stealing your money.
• Damaging your company’s reputation.
• Causing financial loss.

Phishing

Phishing is tech language for fishing over the Internet for confidential business and personal information such as credit card numbers, personal identification, usernames and passwords. The first phishing scam occurred in 1996.

It uses social engineering techniques and computer programming to lure email recipients and Internet users into believing that a fraudulent website is legitimate.  When the phishing victim clicks the phishing link, they find that their personal identity vital information, and even money, has been stolen.

The average cost of a Phishing Scam is $1.6 million. It’s a top security concern for businesses today.

Some statistics:

• $70.2 billion is the estimated cost to brands, and
• $28.1 billion for corporations.

The occurrence:

• 3 billion each month
• 36 billion per year

The success rate:

• 1 in 3 companies is affected.
• 30% of phishing emails get opened.
• 100 million phishing messages get through every day.

Phishing is now the #1 vehicle for ransomware and malware.

It’s much more sophisticated and targeted than it used to be.

Phishing is popular among cybercriminals because it usually succeeds.

10 messages have a better than:

• 90% chance of getting a click.
• 8% chance of users clicking on an attachment.
• 8% chance users will fill out a web form.
• 18% chance that users will click a malicious link in an email.

Even high-level executives get spoofed and share usernames and passwords.

Ransomware

Ransomware attacks are on the rise. It’s part of the top 10 threat predictions by security analysts and labs around the world. And for businesses that are victimized, the consequences can be paralyzing and destructive.

When ransomware infects your computer or mobile device, your organization’s operations can come to a grinding halt. You’ll be denied access to your computer and may even lose your data. Ransomware attacks have cost U.S. businesses millions of dollars in losses. Don’t let your business be one of these.

Ransomware is the most malicious and frequently used form of malware today.

There are many different types of ransomware. The following are two that are being used today.

Locky: This is the most prevalent form of ransomware today. It’s a screen-locking or “locker” ransomware that prevents you from using your device by freezing your computer. It’s delivered through phishing emails that trick you into opening malicious documents or other infected attachments. Locky also encrypts files on your network and deletes any copies so they can’t be used to restore your files. Unfortunately, there’s no way to decrypt files that have been encrypted by Locky without paying a ransom.

Cryptolocker: Instead of freezing your computer interface, “crypto” ransomware searches your hard drive for common file types such as images and documents, and freezes them. It’s typically distributed through machines that have already been infected via malicious email attachments. When you click on a crypto attachment it installs malware on a computer and starts automatically every time you boot your computer. The ransomware attacker will then send you a message saying your files have been encrypted, and that unless you pay their ransom it will be impossible to recover your files.

U.S. organizations are the most targeted and infected throughout the world.

To see what countries are currently being attacked, and from where, visit: http://map.norsecorp.com

What are other companies doing to protect themselves?

• 69% of senior executives say digital transformation is forcing fundamental changes to security strategies.
• 64% will boost spending to protect against known security threats.
• 43% will make timely patching and remediation a higher priority.
• 68% plan to enhance incident response capabilities in the next 12 months.
• Operations teams are seeing heightened accountability for security breaches.
• 72% believe line-of-business managers must take a greater role in developing security strategies.
• Nearly half of enterprises will combine security and operations personnel into teams for fortifying mission-critical applications.

What can you do to protect your mission-critical resources?

1. Donate more personnel and technology to ensuring you’re never breached.
2. Combine security and operations personnel into teams dedicated to specific mission-critical applications.
3. Focus your new investments and staff on these areas and cut back on others.
4. Have line-of-business and development teams increase their roles in protecting critical assets.

To reduce the impact of cyber attacks, you must deploy a multi-layered approach to cybersecurity that covers these areas: (Your IT professional can set this up for your organization.)

Physical Protections

• Access
• Authentication
• Segregation
• Role-based access

Logical Protections

• Threat Management
• Process Isolation
• Scanning and Identify Threats

Data Protection

• Encryption
• Data Integrity

Admin & User Controls

• Rights Management
• Multifactor Authentication
• Data Loss Prevention

User Training & Awareness

• Ongoing training by skilled IT professionals

Secure Configuration and Policies

• Passwords
• Access Controls
• Patch Management
• Device Controls

Remote Access Protection

This can be accomplished through multifactor authentication using questions, passwords and even biometrics. There are many applications you can use for this purpose (like Microsoft Azure and Office 365). Other methods of multifactor authentication include using:

• Verification Codes
• Phone Calls
• Text Messages
• Mobile App Notifications
• Verification code with a mobile application

Technology

• Malware Detection
• Network Perimeter Defenses
  • Email filtering – in and out
    • Data loss prevention
    • Email Encryption
    • Outbound Botnet Malware Protection
  • Web filtering & continuity
• Backups
  • Timely (on both the server and PC level)
  • Offsite (on the Cloud)
  • Time to restore
• Protect all Mobile Phones and Mobile Devices
  • Use Encryption
  • Lock with a passcode
  • Use self-destruct capabilities when lost or stolen
  • Set up device finders
  • Backup phones and mobile devices
  • Keep software up to date
  • Require multifactor authentication
  • Mobile device management with wipe capabilities
  • Remote access solutions to ensure secure data transfer
  • Enforce security policies

The mobile workforce will surpass 1.3 billion people this year. You must protect all mobile devices.

Compliance is another piece of the security puzzle you must consider when implementing cyber protections, whether this is for PCI, HIPAA, SAS70, SSAE 16 or other mandatory regulations.  Ask your IT professional to conduct regular Vulnerability and Risk Assessments to determine your level of protection.

A Vulnerability & Risk determines if your technology is in danger from:

• Accidental deletions and human error.
• Natural and manmade disasters.
• Unauthorized access.
• Data breaches.
• Computer viruses and malware.
• Email hackers and spam

The IT research firm Gartner predicts that by 2020, 30% of companies will have been directly compromised by independent cyber activists or cybercriminals.

In Summary:

• Create a modern cybersecurity strategy backed by a solid business model.
• Redouble efforts to secure mission-critical assets.
• Improve organizational effectiveness by investigating new reporting structures.
• Develop an enterprise-wide culture of security.
• Shift thinking from just safeguarding applications to securing the data itself.

Contact {company}. Our IT professionals can conduct a Vulnerability & Risk Assessment (at no charge to you), and implement a multi-layered solution to keep your business safe: {phone} {email}