Cyber Attacks Are on The Rise. Here Are Just A Few.

Network security and cyber attacks are typically not at the top of most peoples minds.  This isn’t unique to small business or even business owners.  Every person that uses a smartphone, tablet, laptop, etc. has some vulnerability to being attacked or defrauded by malicious actors with well-designed software.

Cyber attacks come in a seemingly infinite number of forms.  From email phishing scams to installing ransomware that shuts people and businesses down if they don’t pay a ransom to an anonymous criminal and everything in between.  You have probably seen a few of them come to your phone as odd text messages with links in them. (Don’t click them. ever.)

A recent report from the even suggests that cyberattacks have climbed in frequency already in 2021.  These conclusions are substantiated by the following recent incidents:

Colonial Pipeline Attack – May 2021

JBS (Meat Packaging Company) – June 2021

Steamship Authority Martha’s Vineyard – June 2021

None of the leaders in these businesses likely troubled themselves everyday worrying about their network security or back up protocols.  Why would they?  None of them have probably ever experienced something like a major ransomware, so there was no reason to consider the possibility of being attacked.  But that is the fundamental problem.  You never consider yourself a target until you’ve already been targeted and fallen victim.  But by then, it’s too late.

Here is another list of entities that hold vital data but were also victimized by ransomware:

Durham, NC County Clerks Office (2020)

Baltimore, MD City Offices (2019)

Atlanta, GA City Offices (2018)

City and county offices are growing in popularity as targets for phishing scams and ransomware too.  Again, not typically the kinds of offices you would expect criminals to exact ransoms from but that is what makes them vulnerable.

What is even more scary is how quickly we all collectively forgot about the indiscriminate “WannaCry” ransomware attack of May 2017.  That ultimately hurt thousands of businesses and people from over 150 countries.  The World Health Organization (WHO) was attacked during the COVID-19 pandemic.  PlayStation was hit back in 2011.  North Korea attacked Columbia Pictures in 2014 over the release of the film “The Interview”, which made satirical jokes about the North Korean government.  Equifax was breached in 2017 which resulted in the exposure of hundreds of thousands of confidential records about people’s credit.

What we see here is a pattern of indiscriminate but very damaging assaults on a diverse and varied number of networks, verticals, and computing parameters.  The point is that nobody is really safe or an unlikely target.  Anyone can get attacked at anytime.

The other thing that all these incidents have in common is that all of them have occurred in the last ten years, and all but two have happened in the last four.  Furthermore, once the incidents were investigated, it was very common to see that people working within these organizations had bad security practices or none at all.

It would be foolish to claim that all of these attacks could have been avoided with network security and standard backups, but it is fair to say that regular backups and thoughtful security protocols would have greatly minimized the pain, damage, and cost.  It is also fair to say that some of the incidents could have been avoided altogether.

What the takeaway should be is that security matters.  But people don’t have that epiphany until it’s too late.

If you have questions or think your network could benefit from better security protocols do not hesitate to contact us at CBS or your current I.T. service provider and have your network assessed.  This process doesn’t take long and could do a lot to help ensure your business and personal information remains safe.

E-mail Security in a Work From Home World

Moving from the office to working from home has brought with it more than a few changes to how we all do business.  Shifting environments means we have had to shift our practices regarding a multitude of processes, ranging from security protocols, to e-mail to basic network user access.

How can employees access private business information without losing security?

How can we make it easy for employees to access, use, and share vital information easily and efficiently?

How can we make data and vital business applications available anywhere to remote users?

These are just a few of the questions that business owners and I.T. specialists were facing virtually over night.

The good news is that most major service providers have already been developing and considering new ways to support these working environments for some time.  So the questions no longer surrounded if the necessary protocols and security measures could be implemented, but instead:

How many platforms, applications, and protocols were needed?

How/if could they be properly integrated?

What would it look like for each independent business?

How is the remote user affected and what measures need to be put in place to have them work properly?

While these may seem like simpler or easier problems to be faced with, they actually aren’t.  Security solutions and access protocols are very much customized around the unique needs and internal processes of each business.  So there is no simple, or one-size-fits-all solution regarding security.  Technical expertise is essential when developing and implementing a cloud platform like Microsoft Azure.

By using Office 365 or Azure you can allow for simple, single sign-in access to your network that has fully functional data backups and security in place.  Files that are being used and accessed remotely are being done so within the safety and security of a managed cloud service.  Furthermore, by setting up the platforms to integrate properly you allow remote employees easy and quick access to their active directory and files without losing or altering established access parameters.

Having these platforms implemented by experts creates a work from home environment that allows users to enjoy the access, functionality, and security of a fully functional business network.  However, due to the multitude of different functions and applications with platforms like Azure, it is very easy to make a mistake in setup that compromises performance.  So make sure you are working with an expert when you go through the setup process or you could mistakenly allow for potential vulnerability regarding security or performance.

One of the places where businesses are most vulnerable is through e-mail access and bad practices.  Since it is very easy to bounce information in and out of e-mail, many businesses could find themselves exposed to phishing scams, ransomware, and other digital threats that they didn’t face when they were working within their own on-premise networks.

E-mail is being used more and more maliciously now than ever before.  Security breaches can easily happen if employees are not properly trained on how to use e-mail appropriately.  Creating protocols for securely accessing e-mail and data that are simple to use, yet still extremely protective, can help prevent breaches that can cripple a business.

From local government offices to small privately owned business, everyone was targeted and many were victimized by phishing scams, ransomware, and spam attacks in 2020.  Most trends like this tend to get more malicious and brazen over time so it is important now more than ever to ensure that your employees are not making simple mistakes that can compromise vital information.

Here are a few examples of bad e-mail practices that compromised networks, private information, and destroyed businesses:

  • E-mailing company files to personal e-mail for easy access.  This takes private data from a secure environment to a potentially exposed network.
  • Clicking malicious e-mails that could have been filtered with proper security.  These e-mails often look safe an convincing and typically seem like they are from a trusted source.  It only takes one mistaken click to compromise a wealth of information.
  • Working as a remote user outside of the network opens up the potential for gaps to arise within the disaster recovery or backup protocols.  If your business network is regularly backing up your e-mail data, you will lose that the moment someone migrates files off the business network.

These are just a few of a growing list of examples where people and businesses were victimized over mishaps in e-mail.  There are plenty of steps and pre-emptive measures available to help mitigate and avoid these potential security pitfalls.

CBS has an experienced and certified team of I.T. network specialists that are ready to assist you in both setting up and optimizing your cloud network.  Contact us anytime to set up a network audit or simply ask a question.