It’s been a long month. In February, we battled two ransomware attacks. One client was attacked by Cryptolocker; the other by a new ransomware variant called Locky. We also saw a rash of other malware infections that were no less concerning due to the potential damage they can cause. In all cases, SPAM was the launching point for the attacks.
Trustwaves’s 2015 Global Security Report found that 60% of all inbound email is SPAM.
The “I’m too small” syndrome is a myth
When we speak to business owners about security we almost always get responses like: “I’m too small for hackers to even know about” or “I don’t have anything they would want”. They’re wrong in both cases and it is this very attitude that draws cyber-criminals to attack small businesses in the first place.
First, criminals do know that you exist, even if you are a one-person business. In addition to their masterful internet-searching skills, they come across small company and personal profiles like yours during hacks of institution and Government databases. Afterwards, millions of these records are sold on criminal underground forums where they fetch a good price for obvious reasons.
SecurityWeek reported that in 2015, over 707 million data records were compromised.
Second, even one-person businesses keep client information and charge for their services via credit cards while many store this valuable data on their PCs without adequate security.
Third, criminals know that predominantly, small businesses do not take security seriously and therefore their systems are easier to penetrate, often times going undetected for weeks and even months.
I can’t count the number of times we see small businesses using free versions of anti-virus software rather than business-class AV protection, operating without adequate backup systems and not taking basic security precautions—putting their confidential information and those of their clients at risk.
Criminals send millions of SPAM emails every day, infecting thousands by tricking users into:
- Clicking infected links and downloading malware directly or getting redirected to infected sites.
- Opening infected attachments where macros inject malware onto their systems.
A real-life example
In one of the attacks mentioned in the beginning of this article, an employee clicked on an infected link or attachment in a SPAM email at the end of the workday. After doing so, nothing appeared to be happening so the employee concluded that it was nothing to worry about and went home for the evening.
Unfortunately for this small company, a lot was happening behind the scenes. Locky, one of the newest variants of ransomware, quietly worked in the background, opening and encrypting files, including those on shared server drives. By the time the attack was discovered the next morning, the workstation and server files were encrypted, effectively shutting down the entire network.
Fortunately, they are a client of XSolutions and had recent, viable backups. We restored critical processes first, then scheduled restores according to importance. It was a two-day battle, requiring lots of resources to get them back up and running before the attack could severely impact them.
This company was very lucky. Others have been down for days and even weeks in similar situations. In a recent case, a small manufacturing company was forced to pay the ransom because their backups were corrupted and they had no way of retrieving their data. They were down for days—unacceptable by today’s standards.
7 Immediate steps small businesses should take
- Get the best backup system you can afford, matched to your tolerance for downtime. If your business network can be down for days to weeks without negatively impacting your bottom line, then a good data backup system may be all you need. But, if you cannot afford long network outages, a Hybrid-cloud Business Continuity solution is the way to go.
- Make sure all workstations are protected by business-class anti-virus protection. Keep them updated and run them often.
- Keep all Operating Systems and third party software patched to close known vulnerabilities.
- Use unique, strong passwords for each application. NEVER use the same one for multiple programs or share passwords among employees and other parties.
- Don’t set your browser to remember logins and passwords. Use a Password Manager with a super-strong password, and make sure it is set to log out after a short period of inactivity.
- Employ a strong anti-SPAM filter to reduce the number of bogus emails. XSolutions’ anti-SPAM solution can eliminate up to 95% of SPAM from getting through. Less SPAM reduces your chances of getting infected.
- Educate yourself and your employees on basic online security. Read our blog and follow us on LinkedIn to stay abreast of the latest criminal exploits, scams and hacks.
Small businesses can no longer afford to think that “they’re flying under the radar” of today’s hackers —you’re not. They know who you are and are planning at this very minute to penetrate your defenses and steal information or take your money. There is much you can do, so don’t become a statistic. Start protecting your company now.
Joseph Imperato Sr. is the Managing Partner for XSolutions Consulting Services, a Managed Services Provider (MSP) delivering Computer Support, Business Continuity, Cloud Services, and IT Consulting to New York, New Jersey, and Connecticut businesses. Call us at (845) 362-9675 and see how we can help your company.