Posts by Joe Welker, CISA:
Small and midsize businesses are not immune to becoming the target of a crippling cyberattack and without the proper procedures in place business owners risk the very real threat of a large-scale assault on their company’s data. Would you be able to recover if your organization was attacked?
Instances of cybercrime have reached an all-time high and ensuring that your company has the procedures in place to guard against an army of determined fraudsters is more important than ever. But before you can implement effective controls, you must have a clear understanding of what it is that threatens your business.
Know Your Enemy
Ransomware has become a formidable threat to businesses of all sizes, yet I have worked with quite a few business owners who are unfamiliar with the term. This is particularly unnerving as a Ransomware attack can be catastrophic to the financial stability of your business.
Ransomware is the infection of a computer which immediately encrypts all recognizable file types. Once your network is infected, a screen appears on your monitor demanding that the company pay a ransom in exchange for the data to be “decrypted” and released. A timeframe is established by the hackers and it is made clear that if the ransom is not paid before the deadline, the organization’s data will be destroyed.
4 Tips To Help Prevent A Ransomware Attack
To protect your business against Ransomware and other similar threats:
- Train your employees to identify phishing emails.
Numerous vendors can provide your company phishing tests and video training to help educate your employees about phishing emails and ways to identify possible scams. Specifically, work to change the mindset of those within your organization when it comes to opening attachments and clicking on hyperlinks.
- Set employee Microsoft Active Directory rights.
It’s unlikely that all your employees will need full-access to your company’s entire database to do their jobs. One way to protect your data is to only grant access to the data needed for employees to complete their job responsibilities. This way, if an attack does occur, the damage can be isolated.
- Consider implementing programs such as Microsoft “AppLocker.”
When you implement programs like AppLocker, you require users to be assigned access to the programs they need to utilize. Again, this helps to isolate the threat which can help minimize the impact of an attack.
- Implement a Disaster Recovery (DR) Plan.
Some research indicates that only about 35 percent of small- to medium-sized businesses have a working and comprehensive disaster recovery plan. We are learning time and time again just how important it is to have a plan in place to protect your business when crisis strikes. A DR plan, complete with regular plan testing and offsite backup data, will help prepare you for unforeseen events which, under current circumstances, could prove to be catastrophic. Click here to learn more about the benefits of a DR plan and how they can keep your organization and its data safe.
Guard Your Data With These Best Practices
Monitor for irregularities
If your network is infected, you can eliminate or decrease the threat of Personally Identifiable Information (such as financial records, medical information or intellectual property) from being infiltrated by utilizing an Intrusion Detection System or Security Information & Event Management application or service. These applications are designed to monitor for invalid access attempts, outgoing traffic identification and other significant alerts.
Require two-factor authentication
Many breaches are the result of access that has been granted to a third-party vendor. Oftentimes the vendor’s network will become infected and can lead to the breach of your own organization. While the data breach may not have originated within your organization, you are responsible for the inroads that were ultimately exploited by hackers to gain access into your network. A best practice is to require all vendors to utilize two-factor authentication or direct contact with your IT staff in order to gain access to your company’s network. Your networks should never be directly accessible to any outside vendor.
These tips can help you protect your organization from cybercriminals, but they only provide an initial layer of security. New threats are being developed every day and existing threats are evolving rapidly. The best thing you can do is arm yourself with knowledge and regularly test for weaknesses in your company’s armor. One day, your business will be the focus of a cyberattack. Will you be ready?
Email Rea & Associates for more information about protecting your business from cybercrime.
By Joe Welker, CISA (New Philadelphia office)
Check out these articles to learn more about Ransomware and other cyberattacks on businesses:
Stop Criminals From Hijacking Your Identity With These Top 5 ID Theft Prevention Posts
December is National ID Theft Awareness Month and the fraud prevention team at Rea is a wealth of information when it comes to sharing great tips to help taxpayers protect their identities from fraudsters. Instead of scrolling past posts in our expansive article library or award-winning blog, we’ve compiled this Top 5 list to make your search for information easier. Read on to discover how you can prevent cyber criminals from hijacking your identity all year long.
Read Also: Let’s Talk About The F-Word
- WARNING: Tis The Season To Practice Safe Online Shopping Habits: While it may be the most wonderful time of the year, cyber criminals are looking for ways to stuff their own stockings – at your expense. The holiday season is also a busy time of the year for scammers because, in general, more money is being spent and more people are clicking through cyberspace for the best deals and tracking their purchases. Find out what you can do to keep your identity safe this Holiday season.
- Cyber Crime: It Can Happen To You: Fraudsters don’t take holidays. In fact, they tend to be more active this time of year because they believe we are more likely to let our guards down. I don’t intend on falling for any of their traps, and I encourage you to do the same.
- Malware Threat Spreads To Smart Phones: Researchers and IT security experts from ESET, a global IT security company, recently announced that they had discovered a malware application that is designed to encrypt files and change PINs on Android devices in the United States. In return, victims are demanded to pay up to the tune of $500. Only then will hackers provide users with the recover key. Keep reading to learn how you can protect yourself.
- Should I Still Be Concerned About Identity Theft And Tax Fraud?: Identity theft and tax fraud are problems that show no signs of stopping. In 2015, in an attempt to provide an added layer of protection, taxpayers in Ohio had the opportunity to get up close and personal with the Ohio Department of Taxation’s (ODT) newest fraud safety measure – the Identification Confirmation Quiz. Read on to see how this quiz has helped reduce fraud in Ohio.
- How To Recover From Identity Theft & Refund Fraud: Suspecting, and then confirming, that you’ve had your identity stolen is a nightmarish scenario. It combines one of your worst fears, losing your wallet or purse, with all of the work of replacing the things that were lost. It can be so overwhelming you might be wondering: “Where do I even start?” We can help you answer that question.
Identity theft is a scary thing and you don’t want to become a victim. Take some steps now to protect yourself in the future.
Want to learn more about keeping your identity safe? Email the team at Rea & Associates, our fraud prevention specialists can be an important of keeping your information protected.
Looking for tips to secure your business from fraudsters? Check out these posts:
It’s hard to remember a time when reports of data breaches, ransomware attacks and business email compromises (BEC) weren’t part of our daily lives. In fact, not so long ago we were pretty content to believe that the controls companies had in place were enough to protect us from the invisible threat of hackers and cyber criminals. But that was just a dream – and it wasn’t long before that dream manifested into a nightmarish scenario for one of the nation’s largest retailers.
Two years ago, cyber criminals gained access to the point-of-sale systems belonging to Target. Authorities later learned that the hacker(s) gained access to about 11 GB worth of data (including highly-sensitive personal and credit card information). When the dust settled, about 70 million consumers nationwide were left vulnerable to identity theft and credit card fraud. This magnitude of this breach was huge and, as a result, companies everywhere made an effort to buckle down and implement a slew of “best practices.” But what has really changed since December 2013?
What Have We Learned From Target?
The Target breach symbolizes the moment when the threat of personal data security violations became mainstream in America; and today, we don’t think about fraud in terms of if it will happen – it’s when it will happen. But instead of becoming more vigilant about data security practices, it appears as though consumers have chosen a more desensitized reaction. These days we are content with trusting the credit card companies to notify us of any suspicious activity occurring on our account rather than implementing safer payment practices in our daily lives.
Retailers and credit card companies, on the other hand, have worked hard to make it more difficult for hackers to access their customer data. Since the breach, Target has:
- Installed EMV compliant point-of-sale (POS) terminals in all stores to allow for transactions to be processed using a token instead of actual credit card numbers.
- Joined two cybersecurity threat-sharing organizations in order to share and retrieve valuable information concerning data breaches and the source of those breaches.
- Implemented more stringent firewall rules and governance procedures.
- Constantly monitors and logs system activity.
- Applied whitelisting technology, an administrative process that allows only preapproved applications to execute in a system, on the store’s POS systems.
- Disabled or placed limited access on vendor accounts.
- Deployed 2-factor authentication.
- Established password vaults and required the use of more complex passwords.
- Thoroughly reviewed and revised its process on how to determine which employees and contractors would have access to consumer data.
With the exception of the first two points, the measures Target has taken since its 2013 data breach are considered best practices, which means that if your business doesn’t have these security measures in place, you shouldn’t wait any longer. And, with regard to EMV technology, most businesses were expected to install and activate the new technology before Oct. 1, 2015 to avoid liability for losses resulting from fraudulent transactions.
A Moving Target
As long as there are fraudsters willing to pay for stolen names, addresses, credit card numbers and expiration dates, phone numbers, email addresses, dates of birth, Social Security numbers, etc., there will be cyber criminals looking for a way to hack into your company’s system to gain access to your consumer data or intellectual property. But if you are really serious about keeping your data safe, there are additional measures you can take.
1. Reinforce Your Firewall
Firewalls should be securely configured and continuously monitored. There are many providers that perform 24-7 firewall monitoring services to protect your company from attacks and or to alert you to signs of a possible breach. Moreover, providers are also coupling these services with the use of whitelists or blacklists, which triggers an immediate response if a potential threat is identified. Another great reinforcement for companies with experienced IT staff, would be the implementation of SIEM (Security Information and Event Management) or IDS (Intrusion Detection System) software.
2. Take Your VIP List Seriously
Not everybody should have access to your company’s domain – especially outside groups, and you should take care to review your employee and vendor access accounts routinely. The 2013 Target breach was a result of a breach that was intended for one of Target’s vendors. But, once in, the hacker was able to work his way into the Target Vendor Portal and infiltrate the Target POS systems.
3. Don’t Take Your Passwords For Granted
While doing so, be sure to verify that these credentials, in particular, require complex passwords, a limit on the number of attempts allowed before automatically disabling the account, and that they are required to be changed regularly. (Believe it or not, the most common password continues to be “123456” – proving that we are still not learning from past mistakes.)
Check out these articles for more data security best practices
EMV Technology Impacts Netflix’s Q3 Earnings
Since the United States made the switch to EMV (EuroPay, Mastercard and Visa) chip technology in October, some companies are beginning to report unexpected side effects – sluggish growth in the third quarter. A recent story from Patrick Kulp on Mashable, a global media company, reported that Netflix’s lack-luster third quarter earnings may be directly linked to the new technology.
Why? Because, according to Kulp, “[many] Netflix users may not want to go through the hassle of updating their payment records, and some may even use the switch as an excuse to bail on the service. As a result, the company can’t collect their fees.” Now, as third quarter earnings continue to roll in, business analysts are beginning to speculate as to what this means for businesses hoping to finish the year on a high note.
Why Was EMV Implemented?
In September, I provided insight into the reasoning behind the new chip-based technology, which pointed to the increasing number of credit card breaches as the reasoning behind the change. Over the years millions of credit card numbers and associated data have been stolen, leaving the credit card industry on the hook for the fraudulent transactions. In an effort to transfer liability from payment card companies to individual businesses, while providing greater protection to users against credit card fraud, the PCI Security Council supported the addition of EMV chip technology to the existing PCI (Payment Card Industry) Security Requirements.
The ultimate goal of EMV is to stop and prevent further fraudulent activity. Success has already been noted in countries outside the U.S. “Currently, almost half of the world’s credit card fraud happens in the U.S. where magnetic stripe technology is the standard,” stated David Navetta and Susan Ross in a blog on Data Protection Report. “Outside the U.S., an estimated 40 percent of the world’s cards and 70 percent of the terminals already use the EMV technology. These countries are reporting significantly lower counterfeit fraud levels with EMV cards than with the magnetic stripe cards.”
Businesses have rushed to accommodate the transition to avoid liability for any losses that result from fraudulent transactions. From installing devices that read the new chips, to training employees to address any questions and concerns that may come up during the payment process. Unfortunately, in order to bring the American public up to speed, payment card insurers are issuing new chip-enabled cards to card holders and, in many cases, users are being issued new card numbers as well.
Companies such as Netflix are beginning to feel the pinch as they are realizing that their customers are in no hurry to update their card numbers in their accounts, which means the company can’t collect subscription payments.
“Our over-forecast in the US for Q3 was due to slightly higher-than-expected involuntary churn (inability to collect), which we believe was driven in part by the ongoing transition to chip-based credit and debit cards,” the company said in its earnings release.
Is Your Business Witnessing Unexpected Consequences?
Third-quarter earnings are just beginning to be reported, which means we are unable to adequately identify how widespread this particular issue is.
So, we want to hear from you. Since the EMV chip technology went into effect on Oct. 1, what has your experience been? Have you had trouble collecting renewal payments from your customers? Comment below or send us a quick email.
If you have a specific question about EMV technology or another business challenge, you can always let us know by filling out the brief form at the top, right side of this page. And don’t forget to subscribe to Dear Drebit to get great business tips and advice delivered directly to your inbox!
Are you looking for more ways to prevent fraud from taking control of your business? Check out these articles:
Dear Drebit: Does a company that doesn’t physically swipe credit cards have to worry about increased liability when the new EMV rules are implemented in October? Sincerely, Online Payments Only
Dear Online Payments: As you may already know, I recently wrote an article to inform merchants about the Oct. 1 deadline to implement Credit Card EMV (EuroPay, MasterCard and Visa) technology. When this change takes effect, the liability for fraudulent transactions will no longer be assumed by the credit card issuing institution. Instead, if you continue to use the credit card’s magnetic stripe to process payments, your business will assume liability for any resulting fraud. For most businesses – especially smaller businesses – a single instance of fraud could be crippling.
EMV technology essentially swaps out the magnetic stripe used on credit cards today for an embedded chip. The chip scrambles sensitive cardholder data at the point of sale, which makes it increasingly difficult to fraudulently access and replicate consumer data.
But what changes lie ahead for businesses that utilize online payment methods and don’t require customers to physically swipe their credit card to pay for a product or service? Do they need to be concerned about this liability switch on Oct. 1 too?
EMV Concerns For Online Merchants
Your third-party processor (such as PayPal), is responsible for ensuring that the payment is authentic. These companies validate payments using a variety of methods.
Natalie Gagliordi, a blogger with Small Business Matters, writes that “for most online merchants, whatever payment processing technology they are using will likely contain out-of-the-box security and authentication protocols.” PayPal, for example, “has developed complex end-to-end encryption to help protect consumers and merchants with their payment information.”
But just because your business doesn’t bare the sole responsibility for keeping your customers’ credit card data safe, doesn’t mean you have nothing to worry about – quite the contrary. Some experts expect credit card fraudsters to pay more attention on hacking online consumer data. This means, for your customers’ sake, you must continue to be informed of online security best practices and should not only be knowledgeable about what your third-party payment processor is doing to keep credit card data safe, but what your third-party payment processor requires of you to maintain your compliance. This could include maintaining current antivirus protection, a secure firewall and other online safety protocols.
The EMV Migration Forum’s Card-Not-Present Working Committee recently published an informative whitepaper to address the growing threat of Card-Not-Present Fraud. This resource will give online merchants a little more insight into the numerous options currently available to help authenticate online payments.
In the meantime, if you have additional questions or concerns, contact your third-party payment processor immediately. Requirement 12.9 of the Payment Card Industry Data Security Standard v3.0 states that they must provide you with – in writing – the details of its role in providing PCI compliancy, as well as any requirements of your organization. Click here to learn more.
How Can Drebit Help You?
Readers, do you have questions about data security, fraud, accounting, succession planning and other general business topics, but don’t really know who to ask? Let Drebit help find the answer! Simply fill out the brief form at the top, right side of this page. You can also click here to reach out to one of fraud experts directly. If you like the advice we offer, why not click here to subscribe to Dear Drebit and get notified of new articles and updates the minute they are posted?
Would You Pay A Hacker’s Ransom If Your Phone’s Data Was At Risk?
Researchers and IT security experts from ESET, a global IT security company, recently announced that they had discovered a malware application that is designed to encrypt files and change PINs on Android devices in the United States. In return, victims are demanded to pay up to the tune of $500. Only then will hackers provide users with the recover key.
If it continues to spread, this form of malware could result in a staggering number of victims. Once again we are reminded of how important it is to vigilantly protect ourselves against fraudsters who will continue to exploit such weaknesses in our technological infrastructure.
According to the digital media analytics company comScore, between the months of December and March 2015, more than 187.5 million people in the U.S. owned smartphones. During that time, Google Android led the pack as the number one smartphone platform with 52.4 percent platform market share.
Malware Goes Mobile
The malware, called LockerPIN, spreads via third party applications, which are downloaded by the user to their Android device. Similar to the CryptoLocker and CryptoWall malware that has inundated users over the past several years, LockerPIN spreads malware’s reach to the mobile user.
Originally discovered in Ukraine in 2014 the malware has been modified to the point that it is just now making its North American debut. Disguised as a system update, the application changes the user’s PIN to a random setting without their knowledge. The worse part? The only known recovery solution is to perform a complete factory reset, which will result in the loss of all your data.
It’s only a matter of time before this malware progresses to the point of being able to infect all phones. In the meantime, there are actions you can take to protect yourself.
1) Never download apps outside of certified app stores.
2) Back up your mobile devices to your computer or to the cloud regularly.
3) Do not grant administrator privileges to apps unless you truly trust them.
4) Stay away from suspicious apps and sites.
Want to learn more ways to protect yourself and your business from IT threats? Check out these articles.
PCI to EMV – Protecting Credit Card Data
Your customers want their payment experience to be as easy and painless as possible, which is why you have come to depend on the ability to process credit card payments – especially if your average transaction is more than $20. But providing your consumers with the ability to pay with plastic has also been helpful to fraudsters looking to steal the information hidden within their card’s magnetic stripe. In an effort to crack down on fraudulent transactions, protect consumers and transfer liability from the credit card company to your business, the United States will begin to implement Credit Card EMV (EuroPay, MasterCard and Visa) technology.
Change Is Necessary
Due to the increasing number of credit card breaches where millions of credit card numbers and associated data have been stolen, the industry has forced retailers and merchants to adhere to PCI (Payment Card Industry) Security Requirements. Supported by the PCI Security Council, the ultimate goal of EMV is to stop and prevent further fraudulent activity. Success has already been noted in countries outside the U.S. “Currently, almost half of the world’s credit card fraud happens in the U.S. where magnetic stripe technology is the standard,” states David Navetta and Susan Ross in a blog on Data Protection Report. “Outside the U.S., an estimated 40 percent of the world’s cards and 70 percent of the terminals already use the EMV technology. These countries are reporting significantly lower counterfeit fraud levels with EMV cards than with the magnetic stripe cards.”
Understanding EMV Technology
Credit Card EMV technology, which has been used in Europe since the early 1990s, replaces the magnetic stripe we have grown accustomed to with an embedded chip that, scrambles sensitive cardholder data at the point of sale terminal. This technology ultimately makes it more difficult to access and replicate consumer data in an attempt to commit fraud.
Businesses Can’t Afford Not To Comply
Why should you be concerned about the credit card industry’s switch-over to EMV technology? As of Oct. 1, 2015, the liability for fraudulent transactions will no longer be assumed by the credit card issuing institution. Instead, if you (the merchant) fail to adopt EMV technology, your business will be responsible for any loss that results from a fraudulent transaction. If your business currently accepts credit cards as a form of payment (and you would like to continue this practice), unless you want to be hit with potentially devastating losses, you must make sure to install and activate the new technology before the Oct. 1 deadline. That being said, some types of businesses will have a little more time to comply. If you aren’t quite sure whether or not your business is exempt, visit the website of each payment brand you accept to learn more.
- If you have not investigated or planned for EMV Technology, contact your card processor immediately to determine your business’s specific needs.
- Implementing EMV technology can be a cumbersome and time consuming project, but the best way to protect yourself from fraud and liability is to implement the new technology as soon as possible.
- If EMV technology has been implemented be sure to confirm that the chip reading capability has been enabled. In addition, confirm with issuers that cryptographic values are being associated with the card number to ensure that the EMV technology has been setup and configured properly. Verifying that cryptographic values are being assigned will eliminate the chance of misconfiguration and possible fraudulent activity.
- Train your staff on the new procedures. When a customer tries to pay for a product or service using their card, they will notice some changes, such as their credit card being held in the EMV reading slot throughout the entire transaction process. This is normal, however your staff should be prepared to answer the questions that will certainly arise.
Want to learn more ways you can protect your business and your customers from a fraudster? Check out these articles:
Red Flags To Be Aware Of When Opening Your Email
We hear it a lot and often – be careful when clicking on the links in your email (especially if you do not know the sender.) But what if the email is from someone you know, like your boss? And what if the email appears to come from their work account?
E-mail Account Compromise (EAC) is a sophisticated scam that uses legitimate email accounts that have been compromised to target unsuspecting victims, oftentimes tricking even the most tech-savvy individuals.
So that email your “boss” sent that asked you to click on a link to wire them money because they lost everything while on vacation in France may actually look authentic, but in reality it’s a scam that could have a divesting impact on your business’s network.
How can you tell the difference?
“Just 1 percent of employees are responsible for 75 percent of cloud-related enterprise security risks, and companies can dramatically reduce their exposure at very little additional cost by paying extra attention to these users.”
Recently, the FBI reported a 270 percent spike in victims and cash losses due to these scams. The numbers are scary, but educating yourself on what to be on the lookout for can help eliminate the scams.
Want to learn more about the recent EAC scam? Contact Rea & Associates to learn more ways to protect your business from unseen threats.
Looking for more information about securing the safety of your business? Check out these articles:
As if you didn’t have enough keeping you up at night, the topic of data security continues to send collective shivers up the spines of business owners worldwide. Unfortunately, the Aug. 24, ruling by the United States Court of Appeals for the Third Circuit didn’t make matters any better (or less expensive) for businesses guilty of failing to protect their customers’ data. In fact, companies that utilize poor security practices that ultimately lead to a breach of consumer data are at risk of facing further disciplinary action and penalties.
What does the FTC’s Courtroom Win Mean To Business Owners?
If you haven’t taken data security seriously in the past, it’s time to get real serious about it real quick.
Prior to the ruling, companies at the center of a data breach had to battle with lawsuits while working to rebuild their reputations. Now, in addition to litigation and negative headlines, your organization must also risk being fined by the Federal Trade Commission (FTC). Businesses can no longer operate with a subpar data security infrastructure. Those that do are at risk of losing everything.
The court upheld the FTC’s 2012 lawsuit against Wyndham Worldwide, a company known for operating hotels and time-shares. Records show that the FTC filed complaints against Wyndham for three data breaches occurring in 2008 and 2009, which resulted in more than $10.6 million in fraudulent charges. In its decision, the appeals court reaffirmed previous rulings that found Wyndham to be responsible for implementing better security practices, which would have helped prevent such breaches from occurring in the first place.
According to the FTC’s argument, software used at Wyndham-owned hotels stored credit card information as readable text, hotel computers lacked a system for monitoring malware, there was no requirement for user identification and or to make password difficult for hackers to guess, the company failed to use firewalls and, ultimately, failed to employ reasonable measures to detect and prevent unauthorized access to the computer network or to conduct security investigations.
“Today’s Third Circuit Court of Appeals decision reaffirms the FTC’s authority to hold companies accountable for failing to safeguard consumer data,” said FTC Chairwoman Edith Ramirez. “It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information.”
Next Steps For Businesses
With regard to the case between the FTC and Wyndham, the next chapter of the story is uncertain. While the win in the courtroom has helped put some wind in the FTC’s sails, the commission has yet to levy any penalties or assertions against the defendant. What is clear, however, is that a data security breach is a very real threat – one that is felt by nearly every business in the world. Furthermore, as technology continues to advance and hackers adapt, the security procedures businesses deploy must be top-notch to avoid further complications and costs associated with a sloppy security infrastructure.
Will you be ready when disaster strikes? Email Rea & Associates today to learn what you can do to protect your business from unforeseen threats.
Want to learn more about how to protect your business from a data security crisis? Check out these articles:
The malware known as CryptoLocker or CryptoWall continues to be a major concern for individuals and companies alike. So much so, that the FBI saw fit to issue a warning just last month and help raise further awareness about the threat.
According to the FBI, this Ransomware continues to evolve, which helps it avoid user’s virus detection software applications – even if they are current. Since April 2014, reported the FBI, there have been 992 incidents of CryptoLocker reported. These occurrences have resulted in the loss of around $18 million.
Read Also: How Much Is Your Data Worth To Criminals?
The Threat Is Real
Ransomware is a computer infection that’s been programmed to encrypt all files of known file types on your local computer and your server’s shared drives. Once it takes hold, it’s all but impossible for you to regain access to the data that’s been infected. Once this happens, you have one of two choices. You can:
- Restore their machine by using backup media, or
- Accommodate the hacker’s demands and pay up.
As a direct result of my experience as an IT audit manager, I have been made aware of several situations in which businesses were left with no choice but to succumb to the demands of malicious cybercriminals carrying out Ransomware attacks. And while the companies I have worked with were finally able to obtain their assailant’s encryption key code to unencrypt and regain access to their data after the ransom was paid, others are not as lucky – after all, the FBI has reported $18 million worth of losses in just over a year. Furthermore, there are no guarantees that you won’t be targeted again in the future.
Preempt A Crisis
While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.
- Implement mandatory computer safety training for all employees and implement and test an IT Disaster Recovery Plan in place.
- Always use reputable antivirus software and a firewall and be sure to keep both up to date.
- Put your popup blockers to good use. Doing so will help remove the temptation to click on an ad that could infect your computer.
- Limit access to company’s data by ensuring that only a few employees have access to certain folders and data. You can facilitate this type of action by conducting annual reviews of your company’s employee access rights.
- Backup all company-owned content. Then if you do become infected, instead of paying the ransom, you can simply have the Ransomware wiped from your system and then reinstall your files once it’s safe again to do so.
- Never click on suspicious emails or attachments, especially if they come from an email address you don’t recognize. And actively avoid websites that raise suspicion.
Shut Down The Attack
If you are surfing the Web and a popup ad or message appears to alert you that a Ransomware attack is in progress, disconnect from the Internet immediately. Breaking the connection between the hacker and your data could help stop the spread of additional infections or data losses. In addition to informing your company’s IT department about the threat or occurrence, be sure to file a complaint with your local law enforcement agency.
Email Rea & Associates to learn more about the importance of your company’s online security.
By Joe Welker, CISA (New Philadelphia office)