If you become aware that a cyber-attack has been taken against your company, it is imperative action be taken immediately to mitigate the risk of loss to data, money, and other company assets. Time is of the essence. Take the following actions immediately:
- If applicable (funds were transferred/compromised), contact your bank. In the case of a wire fraud, you can initiate a “SWIFT recall” on the wire transfer. Contact all banks that may have received your funds. Ask to speak to their fraud department.
- Notify your internal IT department or Managed Services Provider (MSP). Provide as much detail as possible. If a computer is involved in the incident, we will provide direction whether action is required to turn off or disconnect the device from the network.
- Report the incident to the Internet Crime Complaint Center (IC3) at http://www.ic3.gov.
- Report the incident to additional Federal Government agencies as described in “Cyber Incident Reporting – A Unified Message for Reporting to the Federal Government” for specific reporting requirements: https://www.dhs.gov/sites/default/files/publications/Cyber%20Incident%20Reporting%20United%20Message.pdf
- Notify local law enforcement of the incident
- Notify your cyber liability insurance provider. They can assist you with arranging public relations advisors to support proper customer notifications and legal counsel.
Expect notifications to take time as each involved party gathers the information they need. If possible, assign multiple people to initiate notifications in parallel.
Consider using a conferencing service like Microsoft Teams or Zoom that can be used by all parties throughout the notification process. Many conferencing services allow for “rooms” to be created to allow groups to break away for specific discussions and then rejoin the main group. This may also provide you the ability to record the conversations (notify participants) for later review. Practice this process before an actual incident so you are comfortable with the technology.
Keep and record the following information for possible investigation:
- Canceled checks, Wire receipts, Credit card receipts, Money order receipts
- Facsimiles, Certified or other mail receipts, envelopes (if you received items via FedEx, UPS or U.S. Mail), Pamphlets or brochures
- Emails, text messages, chatroom or newsgroup text, social media messages, web pages (screen shots), phone records
- Computer log files, if available, with date, time, and time zone
Ransomware attacks are constant and indiscriminate. Whether you run an SMB or a multinational corporation, your network is being actively targeted.
A survey conducted in 2021 by cyber security firm Sophos found that nearly 37% of all businesses worldwide had been affected by a ransomware attack in the last year. The average ransom paid to successful attackers was $170,000, and, on average, businesses were only able to recover 65% of their data. Among the attacked organizations were
- Accenture
- City of Tulsa
- Fujifilm
- Kia Motors
- NBA
- NRA
- University of Colorado.
As a managed service provider, Simpleworks prioritizes its clients’ cyber security. That’s why we’ve partnered with Datto, a leading backup solution, which allows us to provide our customers with the best business continuity and disaster recovery (BCDR) available today.
Not All Backups are Created Equal
With 11 patents and over a million clients, Datto is one of the most trusted BCDR solutions. Simpleworks’ partnership with Datto means our customers get all the following benefits.
- REDUNDANCY | Key to Datto’s backup technology is its redundancy. They provide both hardware and cloud-based solutions so a catastrophic loss of property won’t put your data at risk. Snapshots are taken hourly and backed up both onsite and at two locations in the cloud.
- BLOCK-LEVEL BACKUPS | Datto takes a snapshot of your computer at the block level, which means your devices can be returned to the exact same state they were in when the shot was taken—apps, permissions, documents, all of it.
- DATA SECURITY | Datto has an entire department of 60 people devoted to network security. Active monitoring, regular bounty programs, and back testing ensure their cloud is an impenetrable storehouse for your data.
- RAPID RECOVERY | 24/7/365 customer support means no matter when an attack occurs, Simpleworks and Datto will have your data restored ASAP. Recovery is usually possible within a few hours but can even be as fast as a few minutes.
Can Your Business Survive Data Loss?
As a managed service provider, we are all too familiar with the damage ransomware attacks can have on Colorado Springs businesses that fail to take cyber security seriously. Don’t put your data—and your customer’s data—at risk. Contact us right away to learn more about the business continuity and disaster recovery services we provide—powered by Datto!
Admit it—you have at least one password that is “passw0rd.” Or your address. Or your birthday. Or your daughter’s birthday. We’ve all done it. And in the early days of the Internet, you might’ve gotten away with it. If not, you likely didn’t have sensitive data online for a hacker to exploit. But the world has changed. Hackers now have the power to ruin lives, destroy businesses, even ransom large corporations and governments. Password security remains the primary attack vector for these threats.
Here is what you can do to protect yourself and your business.
Create a Strong Password
So if you can’t use “passw0rd” or “123456,” what can you use? Strong passwords have several principles in common.
- Length – Ideally, your password should be 8-12 letters long. The longer the better, but 12 is plenty long enough if the password has the next two traits.
- Complexity – Mixing capital letters, numbers, and symbols and/or using a string of small random words will make your password sufficiently complex.
- Easy to remember, but not easy to guess – Try to come up with a system that you can remember for creating different passwords for different purposes that you can remember but that a hacker (who may have some personal data about you) would not be able to guess. Information like addresses, birthdays, and social security number sequences should certainly be avoided.
You also want to be careful about how you answer security questions. If you are prompted to give your mother’s maiden name, for example, don’t use it. A hacker could easily find that information. Perhaps make up a name or use a completely unrelated word like “flowers” that would be nearly impossible for a hacker to figure out.
Use a Password Manager
An all-star password still must be remembered to be effective. Writing down sensitive information comes with its own set of risks, especially in an office. So many people use password managers like LastPass to create and store all their passwords. There are several benefits of doing this:
- Complex password generation – LastPass and others can create complicated passwords that you won’t have to know or remember.
Memory decluttering – The only password you’ll have to keep in your brain’s long-term memory is the one to open LastPass. As long as you can remember that, you can get into everything else with the click of a button.- Cloud storage – No more sticky notes on monitors. Everything is stored in the cloud on an encrypted network.
Activate Multifactor Authentication Everywhere
Multifactor authentication adds a second or third layer of security to your password. Having to enter a code received by email or text message means that a hacker would need more than just your password to break in – they also need access to something you have, like your phone or email account. Authenticator apps like Google Authenticator or Duo Mobile are free and relatively easy to set up.
Implement a Password Management Strategy
Any network is only as secure as its weakest link. This means that if you run a business, a password policy should be in place to ensure best practices are followed. Several steps should be taken to ensure compliance:
- Craft a password policy – The policy should be widely distributed and instruct employees that they should not write passwords down or share them with anyone. Controls should also help them to avoid creating weak or generic passwords.
- Use a password manager – Password managers can be set up with individualized accounts and to protect passwords needed by multiple people.
- Multifactor authentication – MFA needs to be a requirement for every device with access to the company’s network.
Learn More about How to Manage Passwords
Check out our video blog for more information about password management, multifactor authentication, and a variety of other IT support questions and trends. New episodes are released weekly on YouTube and major podcasting platforms.
MFA (Multifactor Authentication)—Because Strong Passwords Are Not Enough
The scourge of recent high-level hacking has many businesses worried. Much of your most valuable data is now stored online. Hackers and their automated bots are roaming the Internet constantly searching for vulnerabilities to be exploited. These threats are real, constant, and have effected large companies and important infrastructure.
The good news is that it only takes a minimum level of security to eliminate most of the threats. Not using “Password123456” for sensitive accounts is a start, but more is needed. Multifactor authentication or “MFA” is a simple but highly effective layer of cyber security that is no longer optional.
“But My Information Isn’t Valuable”
Small business owners, in particular, often do not think that they have any information a hacker would be interested in. But this is based on a false assumption. Almost all attacks to small businesses—regardless of the industry—come from automated bots that scan the entire Internet searching for weak security. These bots can either carry out attacks completely on their own, or they can report vulnerabilities back to a hacker, who can then specifically target poorly secured data.
Something else to remember is that while your data may not be important to anyone else, it is invaluable to you and your business. Hackers know this, which is why they use ransomware attacks to lock you out of your network unless you pay an exorbitant fee.
What is Multifactor Authentication?
Multifactor authentication (MFA) or two-factor authentication (2FA) provides an additional level of security that can eliminate most automated threats. The majority of hacks come from automated bots that continually spam attacks anywhere they find a vulnerability.
With MFA, users are asked to verify their login attempt after putting in a username and password. This verification is typically a code you obtain through one of the following ways:
- Text message
- Phone call
- Authenticator app (like Google Authenticator or Duo)
- Authenticator device
Whichever method is used, you must either put in the correct code within a short period of time or verify your attempt to access your account some other way. This prevents malicious hackers from gaining access to your accounts without your knowledge. Bots that detect a network with MFA enabled will almost always avoid it altogether.
Setting Up Multifactor Authentication
Contact Simpleworks today if you would like to know more about cyber security generally, how to set up MFA on your network, or just to find out more about our managed IT services. The sooner you secure your network, the sooner you will eliminate a very real threat to your business.
