Posts Tagged ‘data breach’

Can A Cybercriminal Crack Your Company’s Network?

Tuesday, April 5th, 2016
Ransomware Attack | Cybercriminals Target Businesses | Ohio CPA Firm

Ransomware has become a formidable threat to businesses of all sizes, yet I have worked with quite a few business owners who are unfamiliar with the term. This is particularly unnerving as a Ransomware attack can be catastrophic to the financial stability of your business. Read on for tips to help you prevent a Ransomware attack from taking down your business.

Small and midsize businesses are not immune to becoming the target of a crippling cyberattack and without the proper procedures in place business owners risk the very real threat of a large-scale assault on their company’s data. Would you be able to recover if your organization was attacked?

Instances of cybercrime have reached an all-time high and ensuring that your company has the procedures in place to guard against an army of determined fraudsters is more important than ever. But before you can implement effective controls, you must have a clear understanding of what it is that threatens your business.

Know Your Enemy

Ransomware has become a formidable threat to businesses of all sizes, yet I have worked with quite a few business owners who are unfamiliar with the term. This is particularly unnerving as a Ransomware attack can be catastrophic to the financial stability of your business.

Read Also: Could Your Company Be Ransomware’s Next Victim?

Ransomware is the infection of a computer which immediately encrypts all recognizable file types. Once your network is infected, a screen appears on your monitor demanding that the company pay a ransom in exchange for the data to be “decrypted” and released. A timeframe is established by the hackers and it is made clear that if the ransom is not paid before the deadline, the organization’s data will be destroyed.

4 Tips To Help Prevent A Ransomware Attack

To protect your business against Ransomware and other similar threats:

  1.  Train your employees to identify phishing emails.
    Numerous vendors can provide your company phishing tests and video training to help educate your employees about phishing emails and ways to identify possible scams. Specifically, work to change the mindset of those within your organization when it comes to opening attachments and clicking on hyperlinks.
  2. Set employee Microsoft Active Directory rights.
    It’s unlikely that all your employees will need full-access to your company’s entire database to do their jobs. One way to protect your data is to only grant access to the data needed for employees to complete their job responsibilities. This way, if an attack does occur, the damage can be isolated.
  3. Consider implementing programs such as Microsoft “AppLocker.”
    When you implement programs like AppLocker, you require users to be assigned access to the programs they need to utilize. Again, this helps to isolate the threat which can help minimize the impact of an attack.
  4. Implement a Disaster Recovery (DR) Plan.
    Some research indicates that only about 35 percent of small- to medium-sized businesses have a working and comprehensive disaster recovery plan. We are learning time and time again just how important it is to have a plan in place to protect your business when crisis strikes. A DR plan, complete with regular plan testing and offsite backup data, will help prepare you for unforeseen events which, under current circumstances, could prove to be catastrophic. Click here to learn more about the benefits of a DR plan and how they can keep your organization and its data safe.

Guard Your Data With These Best Practices

Monitor for irregularities

If your network is infected, you can eliminate or decrease the threat of Personally Identifiable Information (such as financial records, medical information or intellectual property) from being infiltrated by utilizing an Intrusion Detection System or Security Information & Event Management application or service. These applications are designed to monitor for invalid access attempts, outgoing traffic identification and other significant alerts.

Require two-factor authentication

Many breaches are the result of access that has been granted to a third-party vendor. Oftentimes the vendor’s network will become infected and can lead to the breach of your own organization. While the data breach may not have originated within your organization, you are responsible for the inroads that were ultimately exploited by hackers to gain access into your network. A best practice is to require all vendors to utilize two-factor authentication or direct contact with your IT staff in order to gain access to your company’s network. Your networks should never be directly accessible to any outside vendor.

These tips can help you protect your organization from cybercriminals, but they only provide an initial layer of security. New threats are being developed every day and existing threats are evolving rapidly. The best thing you can do is arm yourself with knowledge and regularly test for weaknesses in your company’s armor. One day, your business will be the focus of a cyberattack. Will you be ready?

Email Rea & Associates for more information about protecting your business from cybercrime.

By Joe Welker, CISA (New Philadelphia office)

Check out these articles to learn more about Ransomware and other cyberattacks on businesses:

How Much Is Your Data Worth To Criminals?

Businesses Beware: Sloppy Data Security Could Cost You

Then & Now: Data Security In America Since The Target Breach

Share Button

Then And Now: Data Security In America Since The Target Breach

Wednesday, December 16th, 2015
Data Breach - Ohio CPA Firm

The Target breach symbolizes the moment when the threat of personal data security violations became mainstream in America; and today, we don’t think about fraud in terms of if it will happen – it’s when it will happen.

It’s hard to remember a time when reports of data breaches, ransomware attacks and business email compromises (BEC) weren’t part of our daily lives. In fact, not so long ago we were pretty content to believe that the controls companies had in place were enough to protect us from the invisible threat of hackers and cyber criminals. But that was just a dream – and it wasn’t long before that dream manifested into a nightmarish scenario for one of the nation’s largest retailers.

Read Also: Businesses Beware: Sloppy Data Security Could Cost You

Two years ago, cyber criminals gained access to the point-of-sale systems belonging to Target. Authorities later learned that the hacker(s) gained access to about 11 GB worth of data (including highly-sensitive personal and credit card information). When the dust settled, about 70 million consumers nationwide were left vulnerable to identity theft and credit card fraud. This magnitude of this breach was huge and, as a result, companies everywhere made an effort to buckle down and implement a slew of “best practices.” But what has really changed since December 2013?

What Have We Learned From Target?

The Target breach symbolizes the moment when the threat of personal data security violations became mainstream in America; and today, we don’t think about fraud in terms of if it will happen – it’s when it will happen. But instead of becoming more vigilant about data security practices, it appears as though consumers have chosen a more desensitized reaction. These days we are content with trusting the credit card companies to notify us of any suspicious activity occurring on our account rather than implementing safer payment practices in our daily lives.

Retailers and credit card companies, on the other hand, have worked hard to make it more difficult for hackers to access their customer data. Since the breach, Target has:

  • Installed EMV compliant point-of-sale (POS) terminals in all stores to allow for transactions to be processed using a token instead of actual credit card numbers.
  • Joined two cybersecurity threat-sharing organizations in order to share and retrieve valuable information concerning data breaches and the source of those breaches.
  • Implemented more stringent firewall rules and governance procedures.
  • Constantly monitors and logs system activity.
  • Applied whitelisting technology, an administrative process that allows only preapproved applications to execute in a system, on the store’s POS systems.
  • Disabled or placed limited access on vendor accounts.
  • Deployed 2-factor authentication.
  • Established password vaults and required the use of more complex passwords.
  • Thoroughly reviewed and revised its process on how to determine which employees and contractors would have access to consumer data.

With the exception of the first two points, the measures Target has taken since its 2013 data breach are considered best practices, which means that if your business doesn’t have these security measures in place, you shouldn’t wait any longer. And, with regard to EMV technology, most businesses were expected to install and activate the new technology before Oct. 1, 2015 to avoid liability for losses resulting from fraudulent transactions.

A Moving Target

As long as there are fraudsters willing to pay for stolen names, addresses, credit card numbers and expiration dates, phone numbers, email addresses, dates of birth, Social Security numbers, etc., there will be cyber criminals looking for a way to hack into your company’s system to gain access to your consumer data or intellectual property. But if you are really serious about keeping your data safe, there are additional measures you can take.

1. Reinforce Your Firewall

Firewalls should be securely configured and continuously monitored. There are many providers that perform 24-7 firewall monitoring services to protect your company from attacks and or to alert you to signs of a possible breach. Moreover, providers are also coupling these services with the use of whitelists or blacklists, which triggers an immediate response if a potential threat is identified. Another great reinforcement for companies with experienced IT staff, would be the implementation of SIEM (Security Information and Event Management) or IDS (Intrusion Detection System) software.

2. Take Your VIP List Seriously

Not everybody should have access to your company’s domain – especially outside groups, and you should take care to review your employee and vendor access accounts routinely. The 2013 Target breach was a result of a breach that was intended for one of Target’s vendors. But, once in, the hacker was able to work his way into the Target Vendor Portal and infiltrate the Target POS systems.

3. Don’t Take Your Passwords For Granted

While doing so, be sure to verify that these credentials, in particular, require complex passwords, a limit on the number of attempts allowed before automatically disabling the account, and that they are required to be changed regularly. (Believe it or not, the most common password continues to be “123456” – proving that we are still not learning from past mistakes.)

By: Joe Welker, CISA (New Philadelphia office)

Check out these articles for more data security best practices

Malware Threat Spreads To Smart Phones

Who Is That Email Really From?

Could Your Company Be Ransomware’s Next Victim?

Share Button

Businesses Beware: Sloppy Data Security Could Cost You

Wednesday, August 26th, 2015

Defend Against A Data Breach - Ohio CPA FirmAs if you didn’t have enough keeping you up at night, the topic of data security continues to send collective shivers up the spines of business owners worldwide. Unfortunately, the Aug. 24, ruling by the United States Court of Appeals for the Third Circuit didn’t make matters any better (or less expensive) for businesses guilty of failing to protect their customers’ data. In fact, companies that utilize poor security practices that ultimately lead to a breach of consumer data are at risk of facing further disciplinary action and penalties.

Read Also: How Prepared Is Your Business For A Potential IT Disaster?

What does the FTC’s Courtroom Win Mean To Business Owners?

If you haven’t taken data security seriously in the past, it’s time to get real serious about it real quick.

Prior to the ruling, companies at the center of a data breach had to battle with lawsuits while working to rebuild their reputations. Now, in addition to litigation and negative headlines, your organization must also risk being fined by the Federal Trade Commission (FTC). Businesses can no longer operate with a subpar data security infrastructure. Those that do are at risk of losing everything.

The court upheld the FTC’s 2012 lawsuit against Wyndham Worldwide, a company known for operating hotels and time-shares. Records show that the FTC filed complaints against Wyndham for three data breaches occurring in 2008 and 2009, which resulted in more than $10.6 million in fraudulent charges. In its decision, the appeals court reaffirmed previous rulings that found Wyndham to be responsible for implementing better security practices, which would have helped prevent such breaches from occurring in the first place.

According to the FTC’s argument, software used at Wyndham-owned hotels stored credit card information as readable text, hotel computers lacked a system for monitoring malware, there was no requirement for user identification and or to make password difficult for hackers to guess, the company failed to use firewalls and, ultimately, failed to employ reasonable measures to detect and prevent unauthorized access to the computer network or to conduct security investigations.

“Today’s Third Circuit Court of Appeals decision reaffirms the FTC’s authority to hold companies accountable for failing to safeguard consumer data,” said FTC Chairwoman Edith Ramirez. “It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information.”

Next Steps For Businesses

With regard to the case between the FTC and Wyndham, the next chapter of the story is uncertain. While the win in the courtroom has helped put some wind in the FTC’s sails, the commission has yet to levy any penalties or assertions against the defendant. What is clear, however, is that a data security breach is a very real threat – one that is felt by nearly every business in the world. Furthermore, as technology continues to advance and hackers adapt, the security procedures businesses deploy must be top-notch to avoid further complications and costs associated with a sloppy security infrastructure.

Will you be ready when disaster strikes? Email Rea & Associates today to learn what you can do to protect your business from unforeseen threats.

By Joe Welker, CISA (New Philadelphia office)

Want to learn more about how to protect your business from a data security crisis? Check out these articles:

Could Your Company Be Ransomware’s Next Victim?
Don’t Turn A Blind Eye To PCI Compliance
How Much Is Your Data Worth To Criminals?

Share Button

How Much Is Your Data Worth To Criminals?

Friday, March 13th, 2015
Ransomware

There is no way to completely protect yourself and your network, but there are ways to preempt an attack against you and your business.

How much would you pay to regain access to your company’s network if it was compromised and held for ransom? Are you willing to shell hundreds of dollars to take your information back from a cybercriminal, or are you willing (and able) to just walk away and start anew? I wish I were asking hypothetical questions but, unfortunately, the increased popularity of Ransomware has made the risk of such an attack a very, very real possibility.

Sandra Ponczkowski, a manager of the IT security company KnowBe4, recently shared Your Money or Your Life Files, a whitepaper that details the history and real threat of Ransomware, a computer infection that encrypts all files of known file types on your local computer and server shared drives. Once infected, it becomes impossible for you to access your documents or applications that use these encrypted files. The only way to recover from such an infection is to either restore your machine by using backup media, or accommodating the hacker’s demands and paying their ransom.

Unfortunately, I know of several situations where the businesses involved in a Ransomware attack had no choice but to pay ransom demands to the cybercriminal. The silver lining for these companies was that, upon paying the ransom, they were able to obtain the assailant’s encryption key code, which allowed them to unencrypt their data and regain access to their data.

Long-term protection, however, cannot be guaranteed and there is a chance that your data can be held for ransom again.

The literature provided by KnowBe4 details the fluency with which the popular Ransomware infection CryptoLocker changes and adapts once a solution to unencrypt infected data files becomes available. When this happens, the CryptoLocker infection will evolve into a new strain, thus making the previous solution unusable.

While there is no way to completely protect yourself and your network, there are ways to preempt an attack against you and your business. I recommend the following best practices.

  1. Train yourself and your employees about computer safety practices.
  2. Complete a yearly review of your employee’s access rights to company-owned computers, server folders and backup media. For example, only a few, strategic employees should have access to the company’s folders and data. As a general rule, employee access should be restricted to include only the programs and software required for them to do their jobs. This also applies to work-from-home employees who typically attach a USB drive to their machines for backup protection.
  3. If you don’t already, put a disaster recovery in place and test it ever year to ensure accuracy and completeness.

Following these practices should make your business’s Ransomware prevention and recovery much easier. Email Rea & Associates to learn find out more about the importance of protecting your company’s online security.

By Joe Welker, CISA (New Philadelphia office)

 

Related Articles

Who’s Fishing For Your Data Today?

Beware Of Small Business Wire Transfer Scam

Could A Cyber-Attack Cripple Your Business In 2015?

Share Button

How Can I Protect My Business From A Data Security Breach?

Thursday, December 19th, 2013

We live in an ever-increasing digital world. And with that comes risk – and lots of it. The number of stolen debit/credit card numbers continues to grow every day. Today’s news story about how nearly 40 million Target customers had debit or credit card information stolen is the most recent example of the kind of risky, digital world we live in.  (more…)

Share Button