Think Beyond Basic Backups to Tackle Ransomware

Although ransomware has long been a serious concern for business owners all over the world, the COVID-19 pandemic has created new opportunities for this threat to flourish, and the attack vector is likely to become even more dangerous in the coming years.

 
According to a report, 304 million ransomware attacks occurred globally in 2020, with ransomware affecting over 65% of global businesses.¹ Experts suggest that this is only the tip of the iceberg. Unfortunately, even though SMBs continue to be disproportionately affected by these nefarious attacks, reporting and notifications rarely make the news.

 
When it comes to cybersecurity and ransomware, the biggest mistake SMBs make is assuming hackers only target large enterprises. This is why many SMBs still rely on simple backups and don't have a solid strategy in place.

 
The truth is that hackers are counting on smaller businesses to have fewer security measures in place, making it easier for them to get into your systems. While it’s good to have data backup, it's high time you take its security a step further.

 

The 3-2-1 Backup Strategy for Your Business

 
This is an industry best practice for reducing the risk of losing data in the event of a breach. The 3-2-1 strategy involves having at least three copies of your data, two on-site but on different mediums/devices, and one off-site. Let's examine each of the three elements and the issues they address:

 

• Three copies of data

Having at least two additional copies of your data, in addition to your original data, is ideal. This ensures that, in the event of a disaster, you will always have additional copies. The first backup copy of data is usually kept in the same physical location as the original, if not the same physical server.

 

• Two different mediums

Storing additional copies of your valuable data on the same server/location won’t be helpful in the event of a breach. Keep two copies of your data on different types of storage mediums such as internal hard drives, and removable storage like an external hard drive or a USB drive. If this isn't practical for your business, keep copies on two internal hard disks in separate storage locations.

 

• One off-site copy

Keep one copy of your data off-site, far from the rest. This helps safeguard against worst-case scenarios.

 
In addition to the 3-2-1 backup strategy, consider applying the concept of layered security to keep your data and backup copies secure.

 

Importance of Layered Security in Cyber Defense

 
Most SMBs have an antivirus or firewall installed, but this is usually insufficient to combat today's sophisticated threat landscape, necessitating the application of a layered security approach.

 
Because no security technology or measure is flawless or guaranteed, layered security assumes that attackers will infiltrate different layers of an organization's defenses or have already done so. The goal of this approach is to provide multiple security measures so that if an attack gets past one security tool, there are others in place to help identify and stop the attack before your data is stolen.

 
The THREE ELEMENTS of layered security are:

 

• Prevention

Security policies, controls and processes should all be devised and implemented during the PREVENTION phase.

 

• Detection

The goal of DETECTION is to discover and notify a compromise as soon as possible.

 

• Response

A quick RESPONSE is crucial for the detection phase to be meaningful.

 
Layered security is divided into seven layers by security experts. Hackers seeking to get into a system must break through each layer to gain access. If you want to keep cybercriminals out of your systems, concentrate on improving these seven layers:

 

1. Information security policies

Implement security policies that restrict unauthorized access because the security and well-being of IT resources are dependent on them. This will help you raise information security awareness inside your organization and demonstrate to your clientele that you're serious about securing their data.

 

2. Physical security

Physical security measures, such as fences and cameras, are critical to prevent unwanted intruders from breaking in. It also helps monitor employees with access to sensitive systems.

 

3. Network security

All it takes is for hackers to exploit a single vulnerability to get access to a company’s network. They can easily break into computers and servers after they’ve gained access to your network. Therefore, establishing effective network security measures is essential.

 

4. Vulnerability scanning

Vulnerabilities that occur because of factors such as inadequate patch management and misconfigurations open the door for cybercriminals. However, vulnerability scans help detect these missed patches and improper configurations.

 

5. Strong identity and access management (IAM)

Because of technological advancements, acquiring passwords and hacking into networks is easier than ever. IAM restricts access to critical data and applications to certain workers, making unauthorized access hard.

 

6. Proactive protection and reactive backup + recovery

Proactive protection detects and fixes security risks before they lead to a full-blown breach. The goal of reactive backup and recovery is to recover quickly after an attack.

 

7. Continual monitoring and testing

Failure to regularly monitor and test your backup and disaster recovery strategy is a major oversight and can result in a breach.

 
While it’s your responsibility to make sure your business doesn't get sucked into the quicksand of data loss, it's easy to become overwhelmed if you're attempting to figure out everything on your own. Working with a specialist like us provides you with the advantage of having an expert on your side. We'll make sure your backup and security postures are capable of tackling threats.

 


 
 
 
 
Source:

1. Statista

 
 

Think Beyond Basic Backups to Tackle Ransomware

Although ransomware has long been a serious concern for business owners all over the world, the COVID-19 pandemic has created new opportunities for this threat to flourish, and the attack vector is likely to become even more dangerous in the coming years.

 
According to a report, 304 million ransomware attacks occurred globally in 2020, with ransomware affecting over 65% of global businesses.¹ Experts suggest that this is only the tip of the iceberg. Unfortunately, even though SMBs continue to be disproportionately affected by these nefarious attacks, reporting and notifications rarely make the news.

 
When it comes to cybersecurity and ransomware, the biggest mistake SMBs make is assuming hackers only target large enterprises. This is why many SMBs still rely on simple backups and don't have a solid strategy in place.

 
The truth is that hackers are counting on smaller businesses to have fewer security measures in place, making it easier for them to get into your systems. While it’s good to have data backup, it's high time you take its security a step further.

 

The 3-2-1 Backup Strategy for Your Business

 
This is an industry best practice for reducing the risk of losing data in the event of a breach. The 3-2-1 strategy involves having at least three copies of your data, two on-site but on different mediums/devices, and one off-site. Let's examine each of the three elements and the issues they address:

 

• Three copies of data

Having at least two additional copies of your data, in addition to your original data, is ideal. This ensures that, in the event of a disaster, you will always have additional copies. The first backup copy of data is usually kept in the same physical location as the original, if not the same physical server.

 

• Two different mediums

Storing additional copies of your valuable data on the same server/location won’t be helpful in the event of a breach. Keep two copies of your data on different types of storage mediums such as internal hard drives, and removable storage like an external hard drive or a USB drive. If this isn't practical for your business, keep copies on two internal hard disks in separate storage locations.

 

• One off-site copy

Keep one copy of your data off-site, far from the rest. This helps safeguard against worst-case scenarios.

 
In addition to the 3-2-1 backup strategy, consider applying the concept of layered security to keep your data and backup copies secure.

 

Importance of Layered Security in Cyber Defense

 
Most SMBs have an antivirus or firewall installed, but this is usually insufficient to combat today's sophisticated threat landscape, necessitating the application of a layered security approach.

 
Because no security technology or measure is flawless or guaranteed, layered security assumes that attackers will infiltrate different layers of an organization's defenses or have already done so. The goal of this approach is to provide multiple security measures so that if an attack gets past one security tool, there are others in place to help identify and stop the attack before your data is stolen.

 
The THREE ELEMENTS of layered security are:

 

• Prevention

Security policies, controls and processes should all be devised and implemented during the PREVENTION phase.

 

• Detection

The goal of DETECTION is to discover and notify a compromise as soon as possible.

 

• Response

A quick RESPONSE is crucial for the detection phase to be meaningful.

 
Layered security is divided into seven layers by security experts. Hackers seeking to get into a system must break through each layer to gain access. If you want to keep cybercriminals out of your systems, concentrate on improving these seven layers:

 

1. Information security policies

Implement security policies that restrict unauthorized access because the security and well-being of IT resources are dependent on them. This will help you raise information security awareness inside your organization and demonstrate to your clientele that you're serious about securing their data.

 

2. Physical security

Physical security measures, such as fences and cameras, are critical to prevent unwanted intruders from breaking in. It also helps monitor employees with access to sensitive systems.

 

3. Network security

All it takes is for hackers to exploit a single vulnerability to get access to a company’s network. They can easily break into computers and servers after they’ve gained access to your network. Therefore, establishing effective network security measures is essential.

 

4. Vulnerability scanning

Vulnerabilities that occur because of factors such as inadequate patch management and misconfigurations open the door for cybercriminals. However, vulnerability scans help detect these missed patches and improper configurations.

 

5. Strong identity and access management (IAM)

Because of technological advancements, acquiring passwords and hacking into networks is easier than ever. IAM restricts access to critical data and applications to certain workers, making unauthorized access hard.

 

6. Proactive protection and reactive backup + recovery

Proactive protection detects and fixes security risks before they lead to a full-blown breach. The goal of reactive backup and recovery is to recover quickly after an attack.

 

7. Continual monitoring and testing

Failure to regularly monitor and test your backup and disaster recovery strategy is a major oversight and can result in a breach.

 
While it’s your responsibility to make sure your business doesn't get sucked into the quicksand of data loss, it's easy to become overwhelmed if you're attempting to figure out everything on your own. Working with a specialist like us provides you with the advantage of having an expert on your side. We'll make sure your backup and security postures are capable of tackling threats.

 

---

 
 
 
 
Source:

1. Statista

 
 

Cybersecurity: What Every Business Owner Should Know

 
While organizations and workers have certainly benefitted from the advancement of technology, it has also introduced an unprecedented number of cybersecurity risks. Ransomware attacks, for example, hit businesses every 11 seconds in 2021.¹ Therefore, if you want your business to grow and succeed, you must understand the realities of cybersecurity.

 

The Reality of the Current Threat Landscape

Did you know that the cost of cybercrime downtime is typically higher than a ransom?

 
Almost every organization will encounter cybercrime at some point. It's not a question of IF, but rather WHEN it will happen. While that reality can be alarming, there’s no need to panic. There are proactive steps you can take to protect your business and achieve peace of mind. But first, let’s discuss what you need to be aware of.

 
Here are some of the most serious and prevalent cyberthreats facing business owners right now:

 

• Ransomware

Ransomware is malicious software that threatens to reveal sensitive data or prevent access to your files/systems until you pay a ransom payment within a set timeframe. Failure to pay on time can result in data leaks or irreversible data loss.

 

• Phishing/Business Email Compromise (BEC)

Phishing is a cybercrime that involves a hacker impersonating a legitimate person or organization mostly through emails or through other methods such as SMS. Malicious actors employ phishing to send links or attachments that can be used to extract login credentials or install malware.

 
Similarly, business email compromise (BEC) is a scam in which cybercriminals use compromised email accounts to trick victims into sending money or revealing sensitive information.

 

• Insider Threats

An insider threat arises from within a company. It could happen because of a current or former employee, vendor, or other business partner who has access to important corporate data and computer systems. Insider threats are hard to detect because they emerge from within and are not always intentional.

 

• Denial-of-Service/Distributed Denial-of-Service (DoS and DDoS)

These attacks are widespread and easy to carry out. When a DoS or DDoS attack occurs, hackers flood the targeted system with repeated data requests, forcing it to slow down, crash or shut down.

 
If you are still unsure whether you should be concerned about these sophisticated threats or not, the following statistics may help you make up your mind:

 

• It takes an average of 280 days to identify and contain a breach.²
• Malicious attacks with financial motivations were responsible for 52% of breaches.²
• Personal Identifiable Information (PII) is compromised in 80% of data breaches (PII).²

 

Implement These Measures to Secure Your Business

 
Now that you know what types of cyberthreats to look out for, let’s take a look at some measures you can put in place to protect your business against cybercrimes.

 

• Strict Password Policies/Management Tools

Strict password policies and the use of proper password management solutions can help improve your organization's overall password hygiene. It is, in a way, the first line of protection against cybercriminals.

 

• Strong Identity Controls - Multifactor Authentication (MFA)

To combat the current threat landscape, strong identity controls that go beyond traditional username-password authentication are required. Consider using Multifactor authentication, which includes features such as one-time passwords (OTPs) and security questions.

 

• Regular Risk Assessment

This process aids in the detection, estimation and prioritization of risks to an organization's people, assets and operations.

 

• Virtual Private Network (VPN)

To avoid a security breach, you should set up a corporate VPN that encrypts all your connections. Make sure your employees test it in their respective locations to avoid any hassles.

 

• Business Continuity Strategy

When disaster hits, a solid business continuity strategy ensures that mission-critical operations continue uninterrupted and that IT systems, software and applications remain accessible and recoverable.

 

• Continual Security Awareness Training

Continuous security training empowers your employees to recognize complex cyberthreats and take appropriate action, resulting in a transformative security culture within your organization.

 
If you’re ready to strengthen your cybersecurity posture but aren’t sure where to start, don’t worry. We can help your company build a digital fortress of protection solutions.

 


 
 
 
 
 
Sources:

1. Cybersecurity Ventures (https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/)
2. IBM Cost of Data Breach Report (https://www.ibm.com/downloads/cas/QMXVZX6R)

 
 

Cybersecurity: What Every Business Owner Should Know

  While organizations and workers have certainly benefitted from the advancement of technology, it has also introduced an unprecedented number of cybersecurity risks. Ransomware attacks, for example, hit businesses every 11 seconds in 2021.¹ Therefore, if you want your business to grow and succeed, you must understand the realities of cybersecurity.

 

The Reality of the Current Threat Landscape

Did you know that the cost of cybercrime downtime is typically higher than a ransom?

  Almost every organization will encounter cybercrime at some point. It's not a question of IF, but rather WHEN it will happen. While that reality can be alarming, there’s no need to panic. There are proactive steps you can take to protect your business and achieve peace of mind. But first, let’s discuss what you need to be aware of.

  Here are some of the most serious and prevalent cyberthreats facing business owners right now:

 

• Ransomware

Ransomware is malicious software that threatens to reveal sensitive data or prevent access to your files/systems until you pay a ransom payment within a set timeframe. Failure to pay on time can result in data leaks or irreversible data loss.

 

• Phishing/Business Email Compromise (BEC)

Phishing is a cybercrime that involves a hacker impersonating a legitimate person or organization mostly through emails or through other methods such as SMS. Malicious actors employ phishing to send links or attachments that can be used to extract login credentials or install malware.

  Similarly, business email compromise (BEC) is a scam in which cybercriminals use compromised email accounts to trick victims into sending money or revealing sensitive information.

 

• Insider Threats

An insider threat arises from within a company. It could happen because of a current or former employee, vendor, or other business partner who has access to important corporate data and computer systems. Insider threats are hard to detect because they emerge from within and are not always intentional.

 

• Denial-of-Service/Distributed Denial-of-Service (DoS and DDoS)

These attacks are widespread and easy to carry out. When a DoS or DDoS attack occurs, hackers flood the targeted system with repeated data requests, forcing it to slow down, crash or shut down.

  If you are still unsure whether you should be concerned about these sophisticated threats or not, the following statistics may help you make up your mind:

 

• It takes an average of 280 days to identify and contain a breach.²
• Malicious attacks with financial motivations were responsible for 52% of breaches.²
• Personal Identifiable Information (PII) is compromised in 80% of data breaches (PII).²

 

Implement These Measures to Secure Your Business

  Now that you know what types of cyberthreats to look out for, let’s take a look at some measures you can put in place to protect your business against cybercrimes.

 

• Strict Password Policies/Management Tools

Strict password policies and the use of proper password management solutions can help improve your organization's overall password hygiene. It is, in a way, the first line of protection against cybercriminals.

 

• Strong Identity Controls - Multifactor Authentication (MFA)

To combat the current threat landscape, strong identity controls that go beyond traditional username-password authentication are required. Consider using Multifactor authentication, which includes features such as one-time passwords (OTPs) and security questions.

 

• Regular Risk Assessment

This process aids in the detection, estimation and prioritization of risks to an organization's people, assets and operations.

 

• Virtual Private Network (VPN)

To avoid a security breach, you should set up a corporate VPN that encrypts all your connections. Make sure your employees test it in their respective locations to avoid any hassles.

 

• Business Continuity Strategy

When disaster hits, a solid business continuity strategy ensures that mission-critical operations continue uninterrupted and that IT systems, software and applications remain accessible and recoverable.

 

• Continual Security Awareness Training

Continuous security training empowers your employees to recognize complex cyberthreats and take appropriate action, resulting in a transformative security culture within your organization.

  If you’re ready to strengthen your cybersecurity posture but aren’t sure where to start, don’t worry. We can help your company build a digital fortress of protection solutions.

 

---

          Sources:

1. Cybersecurity Ventures (https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/)
2. IBM Cost of Data Breach Report (https://www.ibm.com/downloads/cas/QMXVZX6R)

   

New Cooperative & Crystal Valley Cooperative

https://www.scmagazine.com/analysis/ransomware/food-and-agriculture-industry-needs-more-threat-intel-as-ransomware-attacks-crop-up/
Exploit: Ransomware

New Cooperative & Crystal Valley Cooperative: Agricultural Services
Individual Impact: No personal, financial or sensitive data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: As we learned throughout the pandemic, cybercriminals are aware of when it’s the worst possible time for them to strike and they’ll use that as leverage in their attacks.

 

 

Simon Eye & US Vision

https://www.govinfosecurity.com/hacking-incidents-lead-to-2-big-eye-care-provider-breaches-a-17587
Exploit: Hacking

Simon Eye & US Vision: Optometry Clinic Operators
Customers Impacted: 320,000

How It Could Affect Your Business: When companies fail to keep highly sensitive data like this safe, they take a direct hit to the wallet since it costs them a fortune in HIPAA fines once regulators get finished with them.

 

 

Marcus & Millichap

https://searchsecurity.techtarget.com/news/252507058/Marcus-Millichap-hit-with-possible-BlackMatter-ransomware
Exploit: Ransomware

Marcus & Millichap: Real Estate Firm
Individual Impact: No personal, financial or sensitive data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Booming dark web data markets mean that cybercriminals are hungry for all kinds of data, especially customer records and financial information.

 

 

Colombia – Coninsa Ramon H

https://thehackernews.com/2021/09/colombian-real-estate-agency-leak.html
Exploit: Misconfiguration

Coninsa Ramon H: Real Estate Firm
Customers Impacted: Unknown

How It Could Affect Your Business: exposed databases are a cybersecurity incident that companies don’t need to face if everyone is on the same page about the importance of security.

 

 

Italy – Covisian

https://www.inforisktoday.com/ransomware-attack-reportedly-cripples-european-call-center-a-17619

Exploit: Ransomware

Covisian: Call Center Operator
Customers Impacted: Unknown

How it Could Affect Your Business: This is a good illustration of today’s third-party/supply perils. One ransomware attack on a company like this can ripple out to impact many businesses.

 

 

Israel – Voicecenter

https://www.haaretz.com/israel-news/tech-news/.premium-experts-iran-may-be-behind-cyberattack-on-company-serving-big-names-in-israeli-tech-1.10231555

Exploit: Ransomware

Voicecenter: Call Center Operator
Customers Impacted: Unknown

How it Could Affect Your Business: service providers are goldmines for cybercriminals because they provide a wealth of data that can be used and sold for high profit.