SCA recommends a few key best practices to protect our clients from the deluge of threats lurking in cyberspace. These best practices include but are not limited to a network firewall appliance, patched and updated operating systems, patched and updated software applications, anti-virus software, and a good backup of all important data.
Some business owners may think that they are not a target of hackers, or that they don’t have data of any consequence that hackers would want to steal. Here is just one real world example of a malware attack.
Criminal groups are known to be releasing malicious software known as ransomware. If triggered, the software encrypts (destroys, renders useless) all the data on the computer, AND all data on the network that the infected computer has access to. This could include servers, shared corporate data, accounting data files, and even email files. After triggering the malware, the user would then get an on-screen message stating that for a certain amount of money payable in untraceable Bitcoin, a decryption code would be provided to unlock the data. Paying the ransom may or may not result in recovering the data, and only feeds the criminal activity. Cyber-criminals will collect nearly $300 million in 2016 by extorting businesses and institutions to unlock encrypted data on computers and servers.
Here’s the real world example… A resume was submitted to the HR department of a company with a Word document resume attached. The user opened the Word document thinking that it was legitimate, and triggered the ransomware, which destroyed files on the network. In this example, the attack was random, and the user just happened to be expecting resumes for a job opening. This could have been any user on any business network. There was no hacker on the other end of the attack trying to penetrate the network to get to a specific piece of data. A better firewall could have prevented the attack. Thankfully there was a solid backup in place. Otherwise, the company would have suffered great losses.
SCA can consult with you to ensure that the layers of security are in place to minimize the potential of an attack, and to mitigate the damage if an attack happens.
Contact us today to setup a free assessment of your network.