One of the newest threats that business owners all over the world must be aware of is cybercrime. In this new article from Forbes, “The True Cost Of Cybercrime For Businesses”, experts are saying that malware, Ransomware and other forms of cybercrime are being perpetrated a lot more than we think.
In spite of how much money organizations are spending on their Internet security, data breaches are still occurring at an ever-increasing rate. In addition, these attacks are evolving and becoming more effective. As security experts continue to try to curtail this epidemic, business owners are left paying the price.
In a new report from the Ponemon Institute, we learn that hacking now costs the average business in America $15 Million a year. Though this includes indirect and direct expenses, that number is constant regardless of the size or type of business you operate. It would seem like only larger companies would be hit, but all research reveals that small and medium-sized businesses are the most common targets.
The reason for this is simple. Hackers are looking for easy targets and most small businesses are not using the best security for their IT infrastructure. Smaller companies don’t have the budget for training their employees or hiring top-notch security people to assess their security protocols. This leaves them more vulnerable than others.
The Anatomy of a Ransomware Attack
For hackers, Ransomware is the newest and best way to earn a few thousand dollars a day. In the first stage of this attack, an email is sent out to employees of a company. Hackers might send thousands of these emails each day. Though everyone should be aware of the dangers of phishing emails, occasionally a careless employee will click on a bad link.
Remember that hackers are learning from their mistakes. They know how to send out unique emails that seem authentic. Add to that the fact that many workers get busy during the day and simply don’t watch what they’re doing. Once the employee visits the bad website or clicks on the toxic link, the Ransomware virus is quickly downloaded to the employee’s computer. From there it spreads like wildfire infecting every computer in the network. Within moments your entire operation can be shut down.
In the next phase of the Ransomware attack, the business owner is shown a threatening message that scrolls across all computer screens. It will include the amount of the ransom, a bank account to send payment to, and a countdown clock letting you know how much time you have left to pay the ransom. In most attacks nowadays, the ransom will go up if you do not pay within the allotted timeframe.
What happens next depends on you and the recommendations made by your IT security department. In cases where the ransom is under $10,000, many business owners will simply pay. The FBI warns business owners not to pay the ransom for several reasons. The main reason is that it sets a bad precedent. If business owners make it too easy for hackers, then they will get bolder as time goes by. The other issue is that there is no guarantee that you will get all your files returned to you intact.
What Can You Do To Protect Your Company?
Most experts agree that one of the most important things you can do is to train your employees about all the latest cyber threats. Your employees can either be your strongest asset or your weakest link. It’s worth your time and trouble to make IT security training mandatory for every employee. Your IT department can set up quarterly training sessions for all employees. They can also send out good YouTube videos on this topic each month to everyone in your organization.
So What’s The Answer?
There are many other things you can do to protect your business from cyber thieves. This NIST report at https://nvlpubs.nist.gov/nistpubs/hb/2017/NIST.HB.162.pdf has some great tips on how to avoid being a victim of cybercrime.
At Data Magic, we offer numerous security packages that provide whatever level of security your business requires. We can begin by assessing the state of your current IT security then make recommendations for improving everything. We also offer employee training classes that will keep your staff up-to-date on all the latest Internet scams going around.
We approach security with the attitude that eventually hackers will find a way into your network unless we remain proactive. Our services include round-the-clock monitoring of your network. Below are just a few of our other IT security services:
- Bundled security products that include an anti-virus solution, intrusion prevention firewall, data encryption, email and web protection, and integrity monitoring.
- Mobile Device Monitoring for your mobile devices and support for your BYOD (bring your own device) policies.
- Solutions to help you comply with HIPAA, SOX, FFIEC, FISMA, PCI DSS, and other regulations.
- Protection for your PCs, laptops, tablets, servers, and other computer devices such as point-of-sale machines, using continuous cloud-based updates.
- Penetration Testing and Ethical Hacking to reveal how effective your security measures are.
If you’d like to learn more about how Data Magic can protect your business from the growing number of global cyber-attacks, please contact us. We have the tools, resources, and expertise to stop attacks from occurring and ensure that your data and computer assets are safe and secure. Contact our team of experts at DataMagic@DataMagicInc.com or (469) 635-5500.
In the meantime, please visit our Media Center to learn more about the world of cybersecurity.