The number of cyber-attacks, and especially Ransomware, had maintained a steady, measured increase over the last few years, with the advent of COVID and the ensuing lockdowns, with major increases in the numbers employees working from home, the Ransomware assault EXPLODED. This is due to the increased vulnerabilities inherent in remote-connection end users, and crooks know the painful reality that there are a lot of incompetent ‘IT Guys’ out there, haphazardly jerry-rigging thousands and thousands of remote connections.

Be Like the THIRD Little Pig

Too many companies don’t even know that the security ‘houses’ that IT Guys have built for them are made out of straw or sticks, as in the tale of The Three Little Pigs. While the other two danced and played after they completed their weak constructs, the third little pig toiled away with his bricks and mortar. Only his was left standing.

Unlike the Big Bad Wolf, cyber criminals don’t come up to the front and demand entry… or else. It doesn’t matter how many hairs you have on your ‘chinny chin chin’, the crooks don’t announce themselves – they just blow your house down and steal your data or encrypt it until you pay a ransom (Ransomware).

To Keep YOUR House Standing You Need Cyber Security

There’s no discussion here. It’s not an opinion, any more than the idea that you need a roof to keep the rain out of your house. If you do not know if your cyber defenses are built of straw, sticks or bricks, you need to find out, because once the Big Bad Wolf blows your network down, you won’t be able to flee to the shelter of a business whose security is made of bricks – except to ask for a job there once your business collapses.

With our reliance on the internet as a prime business tool to stay connected, the lurking danger posed by hackers is never far from you. Think of a 15-foot-thick castle wall: you are on the inside, but just 15 feet away is your enemy, the cyber crook. Without the wall between you, he would already be pillaging your kingdom.

When we talk about multi-layered cyber defenses, it’s like having not just a wall, but a moat and drawbridge as well. If you are relying on a cheap firewall and ‘FREE’ Anti-Virus as your only defenses, you are just waiting to be sacked like Rome was in 410 AD.

Cyber criminals are very serious: they do their homework and spend a LOT of money on Research & Development (R&D) to get around even the most sophisticated, ‘Next Generation’ defenses. They are not fooling around – this is a multi-billion dollar industry, and you need to be just as committed to keeping them out as they are about getting in.

The 5 main responsibilities a business has in terms of keeping cyber communications protected:

1) A communication stream that works: User friendly, stable and reliable
2) Storing user information
3) Protecting User information
4) Unfaltering ability to easily execute all tasks at all times, flawlessly
5) Vigilance and strong defenses against cyber-attacks

Types of Cyber-attacks:

Malware:

Constitutes any viruses, worms, trojan horses that is used to infect your system. These entry devices carry different types of programs which self-execute upon entry, which means they start running in your system. The two main purposes these malicious entities have are:
1) To steal your data, from banking info to client information. You will not be aware the malicious program is in your system while it robs you blind.
2) To Encrypt your data, as in THE most prevalent – Ransomware. Your system and data are unavailable to you until a ransom is paid in crypto currency. This program immediately makes you aware of its presence by locking you out and showing a screen detailing how to pay them off.

Botnets & Zombies:

Botnets infect a system and take command of all computers in the system, which then become Zombies. These are used for two purposes:
1) To steal your data. Self-explanatory
2) To commandeer your computing power
This operates on the same principle as the Search for Extraterrestrial Intelligence (SETI@home), which used  the home computing power of thousands of volunteers for decades to perform calculations. Crooks have been usurping computing power for ‘BitCoin (or other crypto-currencies) Mining’: to perform the many thousands of transactional verifications it takes to earn a BitCoin.

Scareware:

Boo! This malicious player sends you phony security warnings, usually in the form of ‘pop-ups’ that tell you your system is compromised, and to fix it, you need to install what appears to be a legitimate program. It is not – even if it appears to come from a trusted, known source like Microsoft. Scareware scares you into downloading the malicious program yourself.

Denial of Service (DoS):

Usually, we see this in large corporations. This attack bombards your system, basically, ‘hogging’ the resources, keeping them occupied so they are unavailable to end-users.

What To Do:

User Training:

While the number fluctuates slightly from year to year, consistently 80% plus of successful cyber-attacks are caused by an unthinking and untrained employee falling for a scam to open an attachment or click on a link – predominantly in ‘Phishing’ emails. Training must be ongoing, and repeated. Having your staff sit in on a one-time hour-long seminar WILL NOT suffice.

We talked about moats and castle walls, but what good are the strongest defenses when someone on the inside lets the crooks in?

Firewalls and Anti-Virus (AV):

As mentioned above, do not go cheap on these two items. They are a crucial cog in the wheel of your system security. These need to be Next Generation, and Top-of-the-Line, which you need to Purchase or license and keep up to date. After your end-users, these are your system’s first line of defense.

Passwords, Passwords, Passwords:

We know, all these passwords are a hassle – but they are crucial:
The best tips for creating strong passwords are here:
https://itsupportla.com/creating-strong-passwords/

Multi-Factor Authentication:

After passwords, at least one other level of authentication should be in place. Choices range from personal questions, like “What is the name of your first pet as a child” or the old standby, your mother’s maiden name. Higher levels can include fingerprints or retinal scans. New technologies in this arena are emerging every day. Use them.

Hire the Best in Cyber-Security:

A ‘true’ Managed Services Provider (MSP) will be fully capable in this area as well as the over-all health and monitoring of your network. If you are still using ‘your nephew’ for IT, be careful – he may be very smart, even a genius, but a casual arrangement for your IT and security is just a disaster waiting to happen, and the disaster is almost guaranteed to be slow to resolve.

Backup, Backup, Backup:

Backups MUST be secure, reliable and data retrieval must be regularly tested. You MUST have at least the first two tiers below. The third is also recommended:
1) Local Backups: Read more here:
https://itsupportla.com/local-backup/
2) Cloud Backups: Read more here:
https://itsupportla.com/cloud-backup/
3) Cloud to Cloud Backups: Read more here:
https://itsupportla.com/cloud-to-cloud-backup/

Disaster Recovery Plan:

This is a blueprint for the steps that need to be taken in the event of a data breach or Ransomware attack. From attack recognition to full data recovery from backups, this must be laid out well in advance – usually by your MSP. Once disaster strikes, you will not be able to afford the time for some lesser ‘IT Guy’ to look things over and try to figure it out. For business, a cyber-attack is akin to a fire onboard a ship: no time to waste – the correct actions must be immediately performed.

Protect Your Business:

Whether you started in your garage and built your business from the ground up or otherwise acquired the company, it’s your baby now. Take care of it. If you are unaware of the status of your system, you need to find out where you stand.

If you are a business located in the Great Los Angeles or Ventura County areas, we offer you absolutely FREE, with no obligations or “hidden strings” attached, to run our 57 point Security & Network Analysis & Assessment and deliver a full, comprehensive System and Security Report that is yours to keep.

Read about this amazing offer here:
https://itsupportla.com/free-stuff/free-network-security-assessment/