In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can’t map every possible avenue for attack.
What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However, there are many ways to get into a network that circumvent antivirus software.
Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.
Even if you had a perfect antivirus program that could detect and stop every single threat, there are many attacks that circumvent antivirus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the antivirus software in the world won’t help you.
There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.
The physical layer refers to the computers and devices that you have in your office. This is the easiest layer to defend, but is exploited surprisingly often.
Here are a few examples:
Last year 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
CompTIA left 200 USB devices in various public spaces across the country to see if people would pick up a strange device and insert it into their work or personal computers. 17% fell for it.
For the physical layer, you need to:
Keep all computers and devices under the supervision of an employee or locked away at all times.
Only let authorized employees use your devices.
Do not plug in any unknown USB devices.
Destroy obsolete hard drives before throwing them out.
Next time in Part II, we will talk about the human and network layers of security.
There are some things that only people can fix. There are many security risks to which your data is susceptible, but there is one method that remains a wonderfully effective hacking tool. That is the phishing scam. This is a legitimate-looking email that asks the reader to click on a link. If clicked, the link can infect the user’s computer with malicious software that can steal passwords, logins, and other critical data. Alternatively, the email appears to be from a legitimate source, perhaps even duplicating a legitimate webpage. The distinction is that the phishing email asks the user to enter personal information, including passcodes. In either case, that is how hackers easily get into your systems.
What’s the best defense against this one? The single biggest defense is education: training your people to be constantly wary of all the emails they receive. One way some firms are educating their people is by sending out their own “fake” phishing scams. Employees who click on the link inside are greeted with a notice that they’ve fallen for a phishing scam and then are offered tips on how not to be fooled in the future. Think of it as the hi-tech version of Punk’d.
You may not be ready to go that far, but it is important to provide ongoing training to all of your staff about phishing scams. Your staff are all critical factors in your data security plans.
This cyberattack scheme hasn’t garnered nearly as much attention as the usual “break-in-and-steal-data-to-sell-on-the-Internet” version, but it can be even more debilitating. Ransomware attacks have begun appearing in the last few years, and their practitioners are so polished that in a few cases they even have mini call centers to handle your payments and questions.
So what is ransomware? Ransomware stops you from using your PC, files or programs. The business model is as old as the earliest kidnapping. They hold your data, software, or entire PC hostage until you pay them a ransom to get it back. What happens is that you suddenly have no access to a program or file and a screen appears announcing your files are encrypted and that you need to pay (usually in bitcoins) to regain access. There may even be a Doomsday-style clock counting down the time you have to pay or lose everything.
Interestingly, one of the more common “market segments” being targeted in the US has been public safety. Police department data is held hostage, and in many cases, they have given up and paid the ransom. They had little choice. They aren’t the only ones. A hospital in Southern California also fell prey, as did one in Texas.
Ransomware can be especially insidious because backups may not offer complete protection against these criminals. Such new schemes illustrate why you need to have a professional security service that can keep you up to date on the latest criminal activities in the cyber world. Talk to an MSP about possible protections against ransomware.
You hear on the news all of the time about big cyber attacks on large corporations, and even government agencies. The trouble with this news coverage is that it suggests a distorted view of where cyber attacks are taking place. These attacks are not solely hitting large organizations. Small firms represent a significant portion of those who face cyber attacks. Being small by no means keeps you immune. In fact, small firms can be used as conduits to larger organizations. That is likely what happened in the case of Target Corporation in 2013.
If you’re a small business, then you’re a target for cyber criminals. Last year, 71% of small to medium size businesses were the victims of cyber attacks.
Today’s concern is how you would respond to an attack. 31% of small to medium businesses do not have a plan of action for responding to IT security breaches, and 22% admit that they lack the expertise to make such a plan. A data breach is disastrous.
Your response determines whether it’s a survivable disaster. You need to have a statement for customers ready (47 states require businesses to disclose data breaches), you need to be able to quickly access backups, and you need access to professionals with experience in disaster recovery and business continuity.