Cybersecurity for Business Owners


 
Cybersecurity. We hear about it all the time. What is it, why is it important, what are common threats, and how can you protect yourself? This article will attempt to answer these questions for the non-technical business owner.
 
What is cybersecurity? We live in a world that is fully reliant on technology that communicates through the World Wide Web. This information highway provides society with great amenities such as Netflix, Amazon, mobile devices and a remote workforce that is at a lower risk of contracting COVID-19. However, this platform also hosts bad actors intent on stealing valuable information at the expense of innocent victims. Cybersecurity is the process of protecting and recovering networks, systems, devices and programs from cyber-attacks. These attacks are steadily increasing and are getting more complex as attackers employ new methods powered by social engineering and sophisticated programming to bypass traditional security controls.
 
Why is cybersecurity important? The effect of cybersecurity breaches can be devastating to individuals and businesses alike. Both entities incur significant economic costs. Businesses are also subject to reputational and regulatory costs as described below.

  • Economic costs: Theft of personal identity information, intellectual property, corporate information, disruption in business activities and the cost of recovering from the attacks.
  • Reputational costs: Loss of consumer trust, loss of current and future customers to competitors.
  • Regulatory costs: Data breaches can result in your organization paying hefty fines or sanctions.
 
 
Examples of high-profile cyber-attacks include:
Clark County School District: On September 28, 2020, the Clark County School District in Las Vegas announced a data breach of personally identifiable information (PII) affecting district employees plus 320,000 students. The PII included employee Social Security numbers, addresses and retirement paperwork. For students, the information includes names, grades, birth dates, addresses and the school attended.
The district suffered a ransomware attack on August 27 and declined to pay the ransom. On September 14th the hacker sent Clark County a warning by releasing on its website a file of stolen district information that looked to be non-sensitive. The data file that was publicized on the hacker’s website on September 25th contained the PII.
This breach represents a significant escalation in cyber-attacks, as sensitive information was stolen in addition to the ransomware demand. This will likely embolden other attackers. School districts are prime targets for attack due to remote learning during COVID-19.
Capital One: Capital One announced a massive data breach in July 2019, reporting that a hacker accessed the information of over 100 million Americans and 6 million Canadians who have applied for credit cards since 2005. The applications the hacker accessed contained consumers’ personal information including names, addresses, zip codes, email addresses, phone numbers and dates of birth. Bank numbers and Social Security numbers were compromised for roughly 140,000 U.S. credit card customers and about 80,000 secured credit card customers who had their linked bank account numbers accessed.
Equifax: The Equifax cybercrime identity theft event affected approximately 147.9 million consumers. Equifax shares dropped 13% in early trading the day after the breach, and numerous lawsuits were filed against Equifax as a result of the breach, not to mention the reputational damage that Equifax suffered. On July 22, 2019, Equifax agreed to a settlement with the FTC which included a $300 million fund for victim compensation, $175 million for states and territories in the agreement and $100 million in fines.
While these are a few examples of high-profile data breaches, it's important to remember that there are many more that never made it to the front page.
 
What are common threats that we face? There are two main methods of cyber exploitation: unpatched software, or a social engineering event where someone is tricked into installing something they shouldn’t. These two issues account for nearly 100 percent of intrusions.
 
 
Examples of common cybersecurity attack types include:
Phishing Attacks: Phishing attacks use social engineering to steal user data and login credentials. They occur when an attacker, posing as a trusted individual, tricks the victim into opening a text message, email, or instant message. The victim is then deceived into opening a malicious link that can freeze a system as part of a ransomware attack, reveal sensitive information, or install malware on the user’s system.
Malware Attacks: Malware (malevolent software) is code that is made to stealthily affect a compromised computer system without the consent of the user. Examples include ransomware, spyware, and trojan horses.
Ransomware: Ransomware blocks access to a victim’s data by using encryption. A demand for payment is then made to unlock the data. Frequently, a threat is made to delete the data unless the ransom is paid. There is no guarantee that paying a ransom will regain access to the data.
Drive-by Attack: Drive-by attacks are used to distribute malware. A malicious script is inserted into pages of an insecure website. This script can install malware onto the computer that visits the website. These attacks are called a drive-by because they don’t require any action on the victim’s part except visiting the compromised website.
Trojan Horses: A Trojan is a malicious program that misrepresents itself to appear useful. Trojans spread by looking like routine software and persuading a victim to install them. Trojans are considered very dangerous as they are often designed to steal financial information.
Distributed Denial-of-Service (DDoS) attack: DDoS attacks cause websites to become inaccessible to their intended users. This is accomplished by overwhelming the target with traffic or flooding it with information that causes a crash. DDoS attacks deny legitimate users such as employees and customers access to the resource or service they expected.
Password Attack: A password attack attempts to decrypt or obtain a user’s password for illegal purposes.
Man-in-the-Middle (MITM) Attack: MITM attacks occur when an attacker eavesdrops on a communication between two entities. The attacker intercepts communication they should not otherwise have access to, hence the name “man-in-the-middle.” The attacker “listens” to the conversation by intercepting the message transmission and retransmitting the message while disguised as the original party. The intruder then gains control of the entire communication. This frequently occurs on public networks such as those in hotels and coffee shops.
Insider Threats: Inside attacks are attacks performed on a computer system by an individual authorized to access the system. Insiders that carry out these attacks have the edge over external attackers since they have authorized system access. They may also understand the system policies and network architecture. Furthermore, there is less security against insider attacks since most organizations focus on defending against external attacks. Insider threats can affect all elements of computer security ranging from the injection of Trojan horses to stealing sensitive data.
 

 
How can you protect yourself from cyber security attacks? Even if you don’t currently have the resources to bring in an outside expert to test your computer systems and make security recommendations, there are simple, economical steps you can take to reduce your risk of falling victim to a costly cyber-attack:
  • Implement a written security policy manual outlining acceptable use of data and security procedures.
  • Limit employee access to data and limit authority to install software.
  • Require individual user accounts for each employee.
  • Train employees in cybersecurity principles.
  • Use encrypted email for sensitive communications.
  • Do not open unsolicited emails or click on attachments or links.
  • Implement strong password management with two-factor authentication.
  • Regularly change passwords.
  • Control physical access to your computers and network components.
  • Implement a business grade firewall with deep packet inspection, content filtering and intrusion detection.
  • Ensure all workstations and servers have the latest security patches and are kept up to date.
  • Ensure all workstations and servers have antivirus / security software and are kept up to date.
  • Implement Active Directory or LDAP environment with specific access controls.
  • Do not store sensitive data on mobile devices or laptops.  Do not use ‘desktop sync’.
  • Invest in a business grade backup and disaster protection system.
  • Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace, make sure it is secure and hidden. Use the “guest network” for visitors.
  • Do not use public Wi-Fi for any kind of sensitive work. Use a hotspot if you travel.
  • Do not use 'generic shared accounts' for accessing sensitive data.
  • Collect detailed logs from all workstations and servers.
  • Breach insurance is a must if you store sought-after data (medical, credit card, etc.).
 
Additional information can be found at the Federal Trade Commission website: https://www.ftc.gov/data-breach-resources. There you can find two very helpful documents: “Start with Security” covering steps you can take to protect your business, and “Data Breach Response”, a guide to assist you through a challenging time.
 
Conclusion:
Businesses can expect to face an ever-increasing number of threats and compliance requirements in the coming years. As if dealing with a global pandemic was not enough, the community continues to face a severe shortage of IT security professionals, so managing the risks without outside assistance will not be easy. Fortunately, high quality support is available. With a multitude of firewall and endpoint management solutions, and a litany of advanced cybersecurity offerings, IT services providers are equipped to handle all those challenges. From assessing the risks and infrastructure to designing data protection systems, processes, and policies, they deliver the support small businesses need to survive today’s (and tomorrow’s) cyber offensive.

For help with your technology, contact your local TeamLogic IT office.
TeamLogic IT of Wilmington, DE
5584 Kirkwood Highway
Wilmington, DE 19808
(302) 446-4100
WilmingtonDE@teamlogicit.com

 
