Recently I sent out some emails about ransomware and cyber threats, and the responses I received were interesting. The overwhelming response is “It can’t happen to us!” But yes, it really can. How do I know this? Let me explain.
Check the log files on your firewalls and servers. See how many invalid login attempts you have and how many denial-of-service attacks you are seeing. Hopefully not many. How long do you think it will take cyber criminals to figure out a way in? Are you using standard logins like Admin, Root, User, Support, etc.? Do you use public/private key pair authentication? These are just some of the areas you want to look at.
Right now, you cannot turn on the news without hearing about the latest cyber threat. You have heard about the biggest occurrences this year, which were the Colonial Pipeline and JBS USA incidents. Both had to shut down, and rightly so, to control the threat and get containment. This created a bigger issue for consumers, as it forced a shortage of supplies and a decrease in how much of their products could be sold. These are just 2 stories of the hundreds of incidents that happen all the time. In discussions with major banks, they noted their local customers are getting attacked at about the same rate as the national averages. According to ZDNET, so far in 2021 alone more than 290 enterprises have been hit by 6 ransomware groups. A report from eSentire said the six groups have already brought in more than $45 million this year from dozens of local governments, hospitals, universities, and multinational conglomerates.
The world faces over 100,000 malicious websites and 10,000 malicious files daily. Phishing attacks account for more than 80% of reported security incidents.
What are some of the attacks?
In April, before the Colonial Pipeline hack, the computer system of one of the nation’s largest school districts was hacked by a criminal gang that encrypted district data and demanded $40 million in ransom, or it would erase the files and post students’ and employees’ personal information online. Then on May 2, UF Hospitals were attacked in Central Florida. They wouldn’t comment on the amount of the ransom; the patient and employee records were attacked, but luckily nothing was compromised.
Over the years cyber-attacks have been known to be a problem which threatens the security of your data and your business. In that time, we have seen the rise of technology to buffer you from the threats. What I used to tell people early on in my career is that if you choose not to secure your network it’s like leaving the front door of your home wide open. Anyone can come in and believe me they will.
In today’s world we have gotten used to our layers of security like firewalls, private cloud, and VPNs. Because of this we have a false sense of security. Why? Because people are knocking on our doors daily and we don’t realize it. Complacency has taken hold in most companies for lots of reasons. If you don’t believe you will be attacked, that belief will be reflected in your risk assessment, and spending will be prioritized on the assumption that there is only a remote chance you will be hacked.
But what will happen if you do have an attack? Is there a plan? Has it been tested? In my research, as I talk to companies, I find out a lot about what they do. I also find out what they don’t do. “Yes, there is a plan!” they tell me with a bit of disdain. “Great,” I tell them. My next question is always “When was it last tested?” To that I usually hear a list of excuses such as: no time, too busy, no resources. This is how complacency sets in. But when your IT department needs to shut down the enterprise, then what? What about the servers and devices which were added to the network, but you forgot to document?
Are you thinking that I am just another doom and gloom IT guy? That’s fine. I am challenging you to talk to your IT team and check the log files and see just how close they are coming. I have checked the log files of my clients randomly and they are all showing the same random attempts to log in from various user accounts (none of which my clients use). I see attempts from China, Russia, Saudi Arabia, and Italy just to name a few.
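One way to run the log check suggested at the start of this article and again above, as an added example rather than the author's own tooling. It assumes OpenSSH-style "Failed password" lines; the names `summarize`, `known_accounts` and `ip_threshold` are hypothetical, and the sample lines are constructed with documentation-range addresses.

```python
import re
from collections import Counter

# Standard login names the article calls out.
DEFAULT_NAMES = {"admin", "root", "user", "support"}

# OpenSSH logs a failed password login in this shape.
FAILED = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def summarize(lines, known_accounts, ip_threshold=3):
    """Tally failed SSH password logins by account name and source address."""
    by_user, by_ip = Counter(), Counter()
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        by_user[m["user"].lower()] += 1
        by_ip[m["ip"]] += 1
    known = {a.lower() for a in known_accounts}
    return {
        "total": sum(by_user.values()),
        # Names nobody here uses: noise, but proof that someone is knocking.
        "unused_names": sorted(u for u in by_user if u not in known),
        # Real accounts being guessed at: candidates for key-only login.
        "real_accounts_targeted": sorted(u for u in by_user if u in known),
        # A standard name that exists locally and is under attack.
        "default_names_in_use": sorted(DEFAULT_NAMES & known & set(by_user)),
        "noisy_sources": sorted(ip for ip, n in by_ip.items() if n >= ip_threshold),
    }

# Constructed sample lines, not real log data.
SAMPLE = [
    "Jun  7 02:11:01 gw sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 50122 ssh2",
    "Jun  7 02:11:04 gw sshd[811]: Failed password for invalid user support from 203.0.113.5 port 50124 ssh2",
    "Jun  7 02:11:09 gw sshd[812]: Failed password for root from 203.0.113.5 port 50130 ssh2",
    "Jun  7 03:40:17 gw sshd[901]: Failed password for invalid user user from 198.51.100.7 port 41000 ssh2",
    "Jun  7 08:02:55 gw sshd[977]: Accepted publickey for alice from 192.0.2.10 port 40022 ssh2",
    "Jun  7 09:15:31 gw sshd[990]: Failed password for alice from 198.51.100.7 port 41877 ssh2",
]

if __name__ == "__main__":
    for key, value in summarize(SAMPLE, {"root", "alice"}).items():
        print(f"{key}: {value}")
```

Point it at your own auth log and pass the account names that actually exist on the host; anything under `default_names_in_use` is a standard login that is both present and being guessed at.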
Google has registered over 2 million phishing sites as of January 2021. This is up from 1.7 million the previous January, which equates to a 27% increase in 12 months.
What can you do next?
What should your company be doing? You need to make sure your network is secure, that your backups are running, and that you can restore from your backups, and you need someone whose function is to oversee the policies and procedures for your organization. Chief Information Officers (CIOs) in Central Florida get paid between 180k and 350k plus benefits. If your company can’t afford one, find a company like mine that offers Fractional CIO services. When you subscribe to the service you get a dedicated CIO for a few hours a week, so they can create policies and procedures and do assessments based on your company’s needs.
At JAYCO Cloud Computing Solutions we are passionate about helping businesses like yours become the best they can be without spending a fortune, starting with education, and mentoring on IT processes and management. You must look for opportunities to take advantage of emerging technologies before your competition does.
Let us help you today.