15 Ways to Protect Your Business from a Cyber Attack

ICS Data’s 15 Strategic Ways to Protect Your Business from a Cyber Attack

1 – Security Assessment: It’s important to establish a baseline and close existing vulnerabilities. When was your last assessment?

2 – Spam Email: Secure your email. Most attacks originate in your email. We’ll help you choose a service designed to reduce spam and your exposure to attacks on your staff via email.

3 – Passwords: Apply security policies on your network. Examples: Deny or limit USB file storage access, enable enhanced password policies, set user screen timeouts, and limit user access.

4 – Security Awareness: Train your users – often! Teach them about data security, email attacks, and your policies and procedures. We offer a web-based training solution and “done for you” security policies.

5 – Advanced Endpoint Security: Protect your computers and data from malware, viruses, and cyber attacks with advanced endpoint security. Today’s latest technology (which replaces your outdated anti-virus solution) protects against file-less and script-based threats and can even roll back a ransomware attack.

6 – Multi-Factor Authentication: Utilize Multi-Factor Authentication whenever you can including on your network, banking websites, and even social media. It adds an additional layer of protection to ensure that even if your password does get stolen, your data stays protected. 

7 – Computer Updates: Keep Microsoft, Adobe, and Java products updated for better security. We provide a “critical update” service via automation to protect your computers from the latest known attacks. 

8 – Cyber Insurance: Cyber insurance is always the last line of defense – for when everything else has failed.

9 – Dark Web Research: Knowing in real-time what passwords and accounts have been posted on the Dark Web will allow you to be proactive in preventing a data breach. We scan the Dark Web and take action to protect your business from stolen credentials that have been posted for sale. 

10 – SIEM/Log Management: (Security Incident & Event Management) Uses big data engines to review all event and security logs from all covered devices to protect against advanced threats and to meet compliance requirements.

11 – Web Gateway Security: Internet security is a race against time. Cloud based security detects web and email threats as they emerge on the internet, and blocks them on your network within seconds – before they reach the user. 

12 – Mobile Device Security: Today’s cyber criminals attempt to steal data or access your network by way of your employees’ phones and tablets. They’re counting on you to neglect this piece of the puzzle. Mobile device security closes this gap. 

13 – Firewall: Turn on Intrusion Detection and Intrusion Prevention features. Send the log files to a managed SIEM. And if your IT team doesn’t know what these things are, call us today!

14 – Encryption: Whenever possible, the goal is to encrypt files at rest, in motion (think email) and especially on mobile devices. 

15 – Backups: Backup local. Backup to the cloud. Have a backup for each month of the year. Test your backups often. And if you aren’t convinced your backups are working properly, call us ASAP. 

Transcript

5.7: The 15 Ways came about from security meetings that we had. Clients said, you know, there’s a lot of verbiage, there’s a lot of product you’re talking about. I’d like to get a more concise list on what we have today and what we can work on tomorrow. So, that’s what the 15 ways became. It’s our checklist.

25.1: Items like your antivirus, your anti-spam, those are the more traditional things all the way up to into maybe a security assessment or more of the advanced encryption features that you might need.

So, yeah, at a 10,000 foot view, it’s the list that customers can get a quick understanding of where they sit at with security.

Top 5 Cybersecurity Tips for West Michigan Businesses

Our top five tips for your safety…

If you own or work for a small-to-medium sized business in West Michigan, you need to read this article.

It shows you our top 5 cybersecurity tips.

…and you’re going to want to understand what they are and why they’re important for your own peace of mind.

1. Enable Multi-Factor Authentication (MFA)

  • Multi-factor authentication (MFA) enhances account security by requiring users to verify their identity using multiple methods
  • Verification methods include passwords, fingerprints, or one-time codes sent to mobile devices
  • Enabling MFA can greatly decrease the risk of unauthorized access, even if login details are compromised
  • We recommend that Michigan businesses implement MFA, particularly for critical systems and sensitive accounts

2. Implement Vulnerability Scanning and Management

  • Regular vulnerability scans are crucial for finding weaknesses in network and software
  • However, scanning alone isn’t sufficient
  • Implement a comprehensive vulnerability management system (we can help!)
  • Go beyond identification to proactive management and resolution
  • Continuous monitoring and addressing vulnerabilities help stay ahead of cyber threats
  • Prevent potential breaches before they happen

3. Prioritize Cybersecurity Training and Awareness

  • Employees are a major vulnerability in organizations
  • Human errors like clicking on malicious (bad) links or falling for phishing scams can lead to cyber attacks
  • To reduce this risk, we stress the importance of cybersecurity training for all employees
  • Training educates staff about common threats, data security best practices, and recognizing suspicious activity
  • Empowering employees turns them into the first line of defense

4. Implement Immutable Backups

  • Data backup is crucial, but having backups alone might not be enough against advanced cyber threats
  • We suggest using immutable backups, stored on a computer inaccessible via the network (we refer to this as “air-gapped”)
  • This ensures that if your network is compromised, your backups stay secure and intact
  • It’s essential to store backups in multiple locations, including local and cloud storage, for redundancy and accessibility during emergencies

5. Invest in Cyber Insurance

  • Cyber insurance is vital for reducing the financial impact of cyber attacks
  • It covers expenses like legal fees, notification costs, and damages to third parties resulting from data breaches
  • Small businesses can transfer some risk to the insurance provider by investing in cyber insurance
  • This provides peace of mind and financial protection in case of a breach

The Top 5 Hacks of 2021

As technology becomes an integral part of any business, businesses become more vulnerable to cybercriminals. It’s essential to understand that cybersecurity becomes unavoidable as you take your business into the online world. From ransomware attacks to the exploitation of business vulnerabilities, 2021 saw some high-profile hacks that crippled operations at big companies.

As Wired experts put it, 2021 was the year of ransomware, data breaches, surveillance, and more attacks as criminal gangs became more aggressive. As a matter of fact, anything operating online is a target. Hackers are always looking for ways to make money or have fun by exploiting weaknesses in your systems. Let’s analyze the top 5 hacks in 2021 and what you can learn from them.

1. THE COLONIAL PIPELINE RANSOMWARE ATTACK

In early May 2021, Colonial Pipeline suffered the most significant cyberattack. Darkside hackers infiltrated its systems, stole over 100 gigabytes of data, and threatened to release it. That forced the largest oil and gas company to temporarily suspend its operations to contain the malware. That caused not only a fuel crisis but also panic across the whole Southeast region. Colonial Pipeline was forced to pay a ransom, but the damage caused was irreversible.

2. TWITCH DATA DUMP

Even though hackers mainly target government and financial institutions, entertainment companies aren’t safe either. In October 2021, an anonymous hacker shared around 126 GB of Twitch data, including its source code and history. The hacker also exposed the company’s confidential documents and the personal information of its users. Most Twitch accounts were compromised, forcing users to change their login information to avoid having their data going public. The hacker attacked Twitch to disrupt its operations and give its competitors an advantage.

3. CNA RANSOMWARE ATTACK

  1. Many companies use this tool for company meetings. It is easy to record the meetings you hold and have files available for later viewing for those who may have missed the gathering. You can easily post these files to a SharePoint site via Microsoft Stream, another program in Office 365.
  2. Gone are the days when you have to collaborate with teams just via email. Teams is a great way to share documents being worked on via SharePoint, as well as receive updates on changes and progress. This cuts down on the number of emails exchanged in team settings as well.

4. KASEYA VSA RANSOMWARE ATTACK

Hackers exploited a vulnerability in VSA, software developed by this giant IT service provider. The attack affected more than 1000 companies, making it one of the most significant ransomware attacks so far. These were mainly government agencies and businesses providing IT services. The attackers demanded a $70 million ransom for the decryption of the company’s frozen files. Even though Kaseya managed to restore the IT infrastructure of its clients, the damage caused was devastating. Apart from causing widespread downtime, it led to a Swedish supermarket chain closing and negatively impacted the United States-Russia relationship.

5. JBS FOODS ATTACK

JBS is the largest provider of beef and pork in the US. Its attack shows that hackers do not choose which companies or businesses to attack. In May, JBS suffered a ransomware attack that crippled its operations. They paid an $11 million ransom to regain access to their systems. What caused the attack remains unclear, but the company had to produce an enormous ransom in Bitcoin to the hackers to get the decryption key.

NO ONE IS SAFE: PROTECT YOUR BUSINESS

Hackers are not picky — they strike at the slightest chance. Cybersecurity is vital whether your business is in food, tech, insurance, or any other industry. These 2021 hacks should be a wake-up call for you to comprehensively protect your business from any cyberattack whatsoever. Cybersecurity is a problem affecting both small and large companies, creating the need for organizations to take it seriously and invest their resources in protecting their systems. Imagine paying millions or losing crucial data to hackers? That isn’t good for business.

Let ICS Data help keep your systems secure, protect your company’s data and avoid falling victim to cyberattacks. Talk to our experts for any IT-related information and services. We can help you protect your business from hackers.

Stay Clear of Hackers This Thanksgiving Weekend

According to pcmag.com, “U.S. Warns Hackers Will Try to Strike During Thanksgiving Weekend”. Moreover, US cyber authorities are urging companies, especially operators of critical infrastructure, to shore up their defenses during the coming holidays.

IT’S ALL ABOUT TIMING…

The prediction rests entirely on employees being out for a given period of time, leaving technical infrastructure unattended. “Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure,” the agencies said.

Ultimately, the authorities are nervous about hackers spreading ransomware to a victim’s network. As you may know, the idea behind ransomware is to cripple your files so that you have little to no access, after which hackers demand a “ransom” (money) to open your network back up to you. And of course, there’s always the worry about having your employees’ personal data, files, and the business’s most confidential information stolen.

“There haven’t been any specific events made by hackers thus far, but authorities also have noticed these attacks coming during holidays or weekends”, the agencies said.

As a result, the ongoing issue has prompted the Biden administration to make fighting ransomware a national security priority.

With that being said, we recommend your company take action to protect yourself against smaller, minor acts of ransomware and attacks from hackers. It’s only becoming more popular, and the time to protect your company’s assets is now. Get ahold of us today to see how we can help.

What You Need to Know About the Facebook Outage

A few days ago, there was an interesting series of events that caused a Facebook outage. According to Facebook Engineering, “their teams learned that configuration changes on the backbone routers that coordinate network traffic between their data centers caused issues that interrupted this communication. This disruption to network traffic has a cascading effect on the way their data centers communicate, bringing their services to a halt.”

So, if you noticed that your Facebook and/or Instagram page was down on Monday, that’s the explanation as to why. In the same article, they provide an apology to “all of the people and businesses around the world that rely on them.” It’s a shame to see communications errors, but as we realize, they sometimes happen to even the largest of giants.

Let’s dive a little deeper into what exactly happened…

THE FACEBOOK OUTAGE EXPLAINED

As baffling as it seems, this did actually happen. Stacked Marketer mentions, “it could have been a deal of a century.”

Because Facebook-owned properties were offline, someone performed some DNS magic on Facebook.com causing it to appear “for sale” on many registrar websites. Twitter’s founder, Jack Dorsey, was one of the first to offer to buy the domain (see image).

[Image: Jack Dorsey's Twitter post about the Facebook outage]

WHAT DOES THIS ALL ENTAIL?

It’s true, even the biggest tech companies in the world can have failures that cause catastrophe. That’s why it’s important to understand that live [hot] changes can affect outcomes at any stage of your technological process. Meaning, it’s better to test [stage] processes before doing anything to affect internal measures.

This Facebook outage cost Mark Zuckerberg billions of dollars. Now, we’re not saying that it could cost you that much, but you would lose time, money, and possible assets in the same situation.

Let’s talk today and see what other technical adventures we can help with.

Top Cyberattacks in 2021

EMAIL THREATS

SPOOFING

One of the top cyberattacks right now comes from bad actors attempting to impersonate your co-workers and employers. If you’re suspicious of a scammer, don’t reply! They’ll do anything they can to trick you into believing that you’re talking to someone you know and trust, through email and web threats.

Emails contain information that a lot of people don’t pay close attention to. One specific item is the “From” email address. Another is the Reply-To address, which determines where your “Reply” is sent. The two can be entirely different, and the “From” field can be altered to fool you.

Fortunately, MailShield and The Email Laundry protect you from impersonation attempts where the scammer actually uses the email address they are impersonating in the From field. An example of what that might look like is My Boss <myboss@mycompany.com>. When you click Reply, it gets sent to the hidden Reply-To item.

Tip! If you create a new email and type in the To field myboss@mycompany.com, it will go to your boss!

Slightly less dangerous is when they don’t hide their sending address, such as My Boss <scammer@iamafake.com>. If you receive an email from a coworker that just doesn’t seem right, look for that giveaway!
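
The two spoofing patterns described above can be checked mechanically from a message's headers. The following is an added example, not part of the original article or of any MailShield or The Email Laundry product; the sample messages are constructed, and `KNOWN_CONTACTS`, `SAMPLES` and `check_sender` are hypothetical names.

```python
from email import message_from_string
from email.utils import parseaddr

# Hypothetical directory: display names mapped to the address each one really uses.
KNOWN_CONTACTS = {"my boss": "myboss@mycompany.com"}

# Constructed sample messages (not real mail), reusing the article's addresses.
SAMPLES = {
    # Real-looking From address, but replies go to a hidden Reply-To address.
    "hidden_reply_to": (
        "From: My Boss <myboss@mycompany.com>\n"
        "Reply-To: scammer@iamafake.com\n"
        "Subject: Quick favor\n"
        "\n"
        "Are you at your desk?\n"
    ),
    # Trusted display name, but the sending address is not hidden at all.
    "visible_fake_sender": (
        "From: My Boss <scammer@iamafake.com>\n"
        "Subject: Quick favor\n"
        "\n"
        "Are you at your desk?\n"
    ),
    # Ordinary message from the real address with no Reply-To header.
    "legitimate": (
        "From: My Boss <myboss@mycompany.com>\n"
        "Subject: Meeting notes\n"
        "\n"
        "Notes attached.\n"
    ),
}


def check_sender(raw_message, known_contacts):
    """Return a list of warning labels for one raw email message."""
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    warnings = []

    # Pattern 1: clicking Reply would send to a different address than From shows.
    if reply_addr and reply_addr.lower() != from_addr.lower():
        warnings.append("reply-to-mismatch")

    # Pattern 2: the display name belongs to a known contact,
    # but the address behind it is not that contact's address.
    expected = known_contacts.get(from_name.strip().lower())
    if expected and expected.lower() != from_addr.lower():
        warnings.append("display-name-impersonation")

    return warnings


if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, check_sender(raw, KNOWN_CONTACTS))
```

A message that passes both checks can still come from a compromised mailbox, so the out-of-band confirmation advice elsewhere on this page still applies.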

PHISHING

Phishing is a very widespread threat today. There are many types including spear phishing and whaling. Phishing attacks take many forms, but most of them involve posing as someone you know and trust. This can be a person or a company.

A common form of this is an email that claims to be from your server administrator stating that you have emails being held and to click a link and log in to claim them. When you click the link, you may be taken to a site that is made to look like the one you expect and be prompted to log in. You will have just given away your email password.

There are a number of account types that are targeted in this way. Imagine if your bank sends you an email saying click here to handle this urgent matter! You might think, “Uh Oh! I better do it right away!”. This is how your accounts can become compromised. Don’t trust the link, and don’t trust the button!

SPEAR PHISHING

Spear phishing is targeted phishing. This is when a specific individual, or a whole company, is targeted by phishing emails. Generally, the bad actors will start by obtaining as much information from the company’s website as they can. This includes any email addresses listed, as well as the names of any contacts that are listed on the site. Once this is done, they often implement spoofing techniques.

WHALING

Whaling is the term used when the phishing methods are targeting the senior executives and other high profile targets. It is a specialized form of spear phishing. Generally, once the scammers have obtained enough information about a company, they will pose as the CEO and request a purchase, or a funds transfer. Usually, the purchase will be some kind of gift card and they will ask for the numbers once the purchase has been made.

WHAT YOU CAN DO!

There are some basic things that will help keep you safe from many, if not all, email threats. The first is to utilize an anti-spam service. There are some habits that you should get into that will also help keep you safe.

AS AN INDIVIDUAL…

  • Remember the From field of an email doesn’t always show who actually sent it or who will get the Reply!
  • Remember the Reply-To hidden item? Click New or Compose instead of Reply if you are suspicious. Then you know who you are sending to!
  • If anything about an email seems out of place, be suspicious!
  • If a known and trusted contact sends an attachment or shares a document that seems unusual, DON’T OPEN IT! Find an alternative method to confirm they sent it. Phone or face to face is best.
  • Only use the method of logging in to online accounts that you normally use. If there is an issue, there should be a notification waiting for you. If you get an email saying there is an issue with your account, don’t click the link.
  • Set up multi-factor authentication (MFA) when possible! MFA makes logging in a little more of a hassle but the security benefit is enormous!

AS A COMPANY…

  • Establish policies! Set and follow rules on fund transfer and purchase requests via email. Phone or face to face confirmation is best, but even clicking New can help here. Except if the requesting email address was compromised…
  • Establish protocols. When you begin doing business with another company, ask them if, and how, they send documents via email. Include:
    • Is it an attachment? Or a shared online document?
    • What type of document?
    • What email address will it arrive from?
    • Are they sent on a schedule?

WEB THREATS

PHONE SCAMS

There are two ways you might be targeted by a phone scam. You might get a call from someone claiming to be a Tech working for Microsoft, or perhaps another well known maker of software. The Tech will then tell you they have detected that there is a problem with your computer and that you need to give them remote access to fix it. Hang up!

You may also suddenly receive a pop up while browsing the internet. The pop up will claim that a virus, or other “Urgent” problem has been detected and you will be urged to call a number provided so that you can be assisted.

The results of allowing a remote connection are usually, but not limited to:

  • Installation of malicious software that can steal sensitive data. This includes passwords, credit card information, email information, and any other confidential information stored on your device.
  • Permanent lock out from your device making future data access impossible without reinstalling the operating system. Worse yet, they may encrypt the data.
  • Inevitably, they will charge exorbitant amounts to “fix” the problems that they just caused.

The pop up may sometimes lock up your browser and prevent you from closing the page. In this case, you can:

1. Press the CTRL, ALT, and DELETE keys on your keyboard.

2. Select ‘Task Manager’

3. You will see a list of running applications. Select the browser you are using and press the DELETE key, or click the ‘End Task’ button.