Be Cyber Aware: If You Connect It, Protect It

In today's age, we all must be cyber aware. The average American today has access to more than 10 Internet
Connected Devices in their household. Most have at least 2 computers and 2 smartphones. Across the world, an
estimated 30 billion+ devices connect to the Internet. This connectivity generates massive potential for
advancement; but in turn, creates a paradise for hackers. This is nothing new. Hacking has been on the rise
since the dawn of connected technology. And here's the problem. Most businesses have maintained the same
security protocols for just as long. The theory is that what they've done so far has worked, so why is there
any reason for change? Here are the seven reasons why technology is more dangerous than ever before:
Side Note: Why focus on cybersecurity now? October is National Cybersecurity Awareness Month. For the past
17 years, during October CISA and partners have focused on cybersecurity. Follow us on Facebook and LinkedIn
for more tips and tricks throughout the month.
Let's Be Cyber Aware About Ransomware
The first computer virus was introduced in the 1970s. It took over systems by replicating on the hard drive
until the user didn't have system space to operate. It was actually built as an experiment and had no
malicious intent/implications. Today, viruses aren't child's play or experiments, and the most dangerous one
takes over the hard drive completely, encrypting every piece of data.
If you're connected to a network, it can then infiltrate the servers and start encrypting there. If your
data backups are also on that network, you lose all access to a clean backup. The only way to get this data
back is paying the ransom (not recommended under the vast majority of cases), or working with an IT company
to revert back to a clean data/decrypt the files based on the specific ransomware in play. Either way,
you're spending a lot of money and time to get back what's yours to begin with, your precious data.
Part of Being Cyber Aware is Knowledge of Phishing
Phishing emails at one time were super easy to spot. The Nigerian prince desperately needed to send you
money if you inputted all of your personal information. Since then we have become more cyber aware, but
phishing attempts have improved. Today, phishing attempts are a whole lot smoother. The perpetrator
researches enough to identify your boss, then sends an email under his/her name asking you to discretely
transfer money or send identifying financial information. Unless you're looking at the exact email address
it's coming from (typically spoofed by one or two letters in the domain), all of a sudden you've transferred
$40,000 into an unknown person's account thinking it's your CEO.
You won't think anything of it until you speak with your CEO later and realize that is wasn't really them.
These honest mistakes cost companies hundreds of thousands of dollars every year with very little recourse
to get the money back where it belongs. Some experts say that employee mistakes cause nearly 92% of
breaches.
Insider Threats
As more people work remote, particularly with the urgency of the past six months, businesses have lost tight
control on their data, increasing the threat of malicious insiders. While we want to trust every person
working for us, that one disgruntled employee who decides to store a copy of the customer data before
putting in his two-week notice, could wreak havoc on your business when they decide to work for your closest
competitor. Virtual Office solutions can alleviate a lot of the pain this could cause and allow you to keep
every piece of data exactly where it belongs.
Data Leaks and Password Practices
Malicious insiders can cause these leaks, but they're also the password leaks from major players that you
hear about frequently. You may be wondering how a LinkedIn password breach can really hurt you in the long
run (after all they really just gain access to your professional resume). 53% of people admit to reusing
their password on multiple accounts. Hackers rely on this. They can sell the password or utilize that
password to hack much more dangerous things, like your banking institution. Our best recommendations: use
complex passwords, don't reuse passwords, use a password vault to keep track of all your passwords, and
implement two-factor authentication wherever you can.
Become Cyber Aware About Cryptojacking
Cryptocurrency is a hackers' favorite payment method. It is untraceable and extremely valuable. Beyond
requiring cryptocurrency for the vast majority of ransomware attempts, some hackers infiltrate a system and
use it to mine cryptocurrency without the user's knowledge. They get in utilizing a malicious email link or
through malvertising (advertising that carries nefarious code). A user may recognize slightly slower
performance, but they more than likely never know that someone is using their system to mine cryptocurrency.
Some codes also spread throughout networks, so that hackers can maximize their financial gain using someone
else's resources.
IoT Hacks
As we connect more devices to the Internet, particularly those items in our homes - stoves, cars, Alexa or
Google - we open another target for hackers to infiltrate our lives. They may canvas homes through your
connected camera system or baby monitor, install viruses on your stove or vehicle that impact performance,
or begin speaking to y0u randomly from your device. IoT can be safe, but you must make sure you're utilizing
as many security precautions as humanely possible.
Hacker Advancement
The greatest advantage for hackers is they have become more sophisticated and educated overtime, and the
good guys haven't been able to keep up. If you're relying on internal IT or an MSP without security
expertise, your team is most likely behind on the threats and not implementing everything they need to keep
your staff safe. They should implement things like phishing tests, employee education, dark web scanning,
hosted back-up solutions, crisis planning, multi-factor authentication, and professional-grade permissions
control for administrative privileges to keep you safe. If you're unsure of your security level with your
current IT solution, contact us.