Imagine this. You’re sitting at your desk, trying to respond to all of your emails, when all of a sudden your screen goes red and the following message pops up:
The first thing you probably do is start having a panic attack. You start hitting the escape key, hoping against hope that the message will just go away. But it doesn’t. You quickly switch to, maybe I’ll just pay the $300 worth of bitcoin and no one will ever know. But as you begin to pick up your phone to start googling, how do I pay a ransom in bitcoin, your team starts knocking on your office door, bursting with the bad news. It’s not just your data, everything is encrypted. And what’s worse, you don’t have an up-to-date backup.
This nightmare scenario has been played out in over 50% of SMBs that were breached in the past 12 months. 50%. That’s 1 out of 2 businesses. A flip of a coin. Even if you are a gambler, those aren’t good odds.
Knowing how the hackers are able to get to SMBs is the key to understanding how to outsmart them. Here are the top 3 techniques that hackers employ to attack your system:
1. Diverse delivery systems
Cyber attackers are not just one-trick ponies. They utilize a variety of delivery systems to increase their chances that someone in your company is going to click on something they shouldn’t. From social engineering tools like phishing spam and clickbait to malicious spam and advertising, hackers use a variety of means to trick you into clicking so they can take over your computer.
2. Complex coding
All of the publicity surrounding cybersecurity has helped encourage companies to beef up their security system. But that hasn’t stopped the attacks. Hackers frequently update their code to get past signature-based counter-measures that the first line of defense security programs typically perform. They also develop code that is meant to worm its way from system to system in order to infect as many machines as possible.
3. Difficult to trace payment system
Bitcoin remains the most popular choice of payment when it comes to paying a ransom. Bitcoin is easier to obtain and exchange, while providing a lot of anonymity. Ransom demands are made easy since attackers provide instructions on how to create a virtual wallet, buy the bitcoins to pay the ransom that will provide the code that will unencrypt your data.
Understanding how cyber hackers use these techniques is the key to getting a step ahead. Developing a multi-layered security system while educating your team on the best cybersecurity practices, will help ensure that your business will not become the next statistic.
Come to our free lunch and learn on Tuesday, May 8 at the Bethany Beach Ocean Suites to hear from a Watchguard cybersecurity expert and learn more about the best defense system to outsmart ransomware attackers. We look forward to seeing you there!
As seen in The Maryland Coast Dispatch
Ransomware is an increasingly common method of attack for hackers against individuals, small businesses and enterprises alike. While the first incidents of ransomware were discovered as early as 2005, the last three years have seen this type of threat explode in popularity and compromise millions of computers and mobile devices around the world. Sam Card discusses why SMBs are a target and what you can do about it.
Q: Why would hackers be interested in my small business when they can go after the big guys?
Sam Card: You may hear about the larger organizations in the headlines, but lately it’s the small businesses that are becoming the primary targets for cyber-attacks. The main reasons that hackers find small businesses to be an easier target than larger corporations are because of vulnerable security systems, minimal formal security training and weak security policies.
Vulnerable security systems can include things like out-of-date anti-malware and endpoint security, network firewalls and email security solutions. Also, there seems to be an absence of regular cybersecurity training for staff to avoid phishing email scams or improper data sharing. Finally, infrequent network monitoring and poor password practices have been reported as “low hanging fruits” that hackers look out for.
Q: What are some immediate things I can do to protect my business?
SC: Understanding the techniques that cyber hackers use to attack your systems is a great first step in getting ahead. Things like diverse delivery systems and complex coding are common entry points into your system, and the more you know about how they are getting in, the better you can protect yourself.
Developing a multi-layered security strategy is another crucial element to protecting your organization. You may think a simple anti-virus program is enough, but there are much better tools now that work together in tandem to ward off sophisticated attacks and ensure the correct back-up options are implemented.
Educating your team on the best cybersecurity practices is another imperative step in the security puzzle. Today’s employees are regularly exposed to attacks through everyday entry points like email and mobile. Training employees to recognize threats is an essential part of complete cyber security.
Did you know that 42% of small businesses consider ransomware to be the most significant threat they face today? That’s not surprising considering SMBs can lose over $100,000 per incident as a result of downtime. You might be thinking that your business isn’t a big enough fish to be spotted by cybercriminals, but that’s not the case at all.
Studies have shown that hackers find small businesses to be an easier target than larger corporations due to:
Just like a bank robber, hackers will go where the security is the weakest, even if the payout isn’t quite as big. This makes SMBs a prime target for ransomware since they tend to have weaker security systems and lack a full backup system. This can typically lead to businesses like yours paying the ransom to recover their data.
And if you are unlucky enough to be hit with ransomware and decide to pay the hackers, it is not uncommon that they refuse to provide the decryption keys or target your business again, requiring even more money the second time around.
This disaster will cost you money and impact your reputation – since customers are reluctant to entrust their data to a business with a poor security track record. But your business doesn’t have to be a victim. At Cards Technology, we have the experience, expertise and customized security solutions to prevent you from being the next victim.
Come to our free lunch and learn on Tuesday, May 8 at the Bethany Beach Ocean Suites to hear from a Watchguard cybersecurity expert and learn more about the current threat landscape for small businesses and the best defense system to prevent attacks on your system. We look forward to seeing you there!