If you are doing things correctly, you’ve got a solid firewall protecting your network, enterprise-grade endpoint protection on each computer and (hopefully) some reliable content filtering in place to keep your employees (and your business!) safe. But there could be one very import piece missing here – – how do you know when these defenses fail? “Fail?” you say? “They shouldn’t ever fail!” Unfortunately, that’s just not the case. The old sports adage about offense and defense holds true in IT, too – – Defense has to be right 100% of the time and Offense only has to be right once to win. So, eventually, defense will always lose. And statistics show it is most frequently not even faulty technology at the root of the breach, it is the human factor. So, it’s not a matter of “if”, it’s a matter of “when”. With the increase of attacks lately on Microsoft 365, you’re not guaranteed security there, either.
From a thief’s perspective, stealing electronic data is the best type of crime there is – it’s easy to transport, there’s almost no risk of violence and you can steal from people who are across the globe from you. All you need is their password – – with it, you can log into their email and send messages as the CEO to the accounting department to have them wire money to your account. You can also remote into the network as the administrator and steal the company’s data to sell it on the black market or just encrypt it to sell it back to them (see our earlier post on ransomware). You just need the password. Read more
There have been several high-profile cases recently about organizations being hit by ransomware and having to pay the criminal hackers money to regain access to their data. Here are just a few of the most recent cases: a hospital in Kentucky, a hospital in Hollywood, a school in New Jersey, and a school in South Carolina. But what is this “ransomware” stuff, why is it so effective and, most importantly, how can you protect you and your company from it? Read more
So many times when we meet with new clients and we audit their network health and we get to the “How are you backing up your data?” question, the person in charge of the server will look up with a big smile and point out how they back up every night (like they were told to do) and how they switch their backup disks every day (“and see, we know that tapes are bad so we use USB disk drives”). And then they look at me expectantly and wait for me to tell them that their backup situation is all set. But, sadly, that’s when I have to (gently) burst their bubble and point out the flaws in their plan.
If you look at all of the high-profile information security incidents over recent years, they have one thing in common – – the breach occurred because of human error. Gone are the days when the attackers brute force their way through the external firewalls and protective systems using advanced “hacking” techniques. It is much easier for the bad guys to just get someone at the victim company to click on a link that contains some malware that exploits a known vulnerability and bang – – they are on the company’s network with control over at least one computer. And, once they have that access, it’s a relatively short, simple walk to having administrative control over many or all of the computers on that network.