Ransomware is a piece of malicious software that infects a computer or device and encrypts the data making it inaccessible to the user. A ransom is then demanded to regain access to the victim's data. A time limit to pay the ransom is often imposed (usually 24-48 hours) or you risk losing access to the encrypted data forever. If a backup is unavailable or the backups were encrypted too, the victim is faced with paying the ransom to recover personal files. Payment must be paid in Bitcoin and the ransom cost can be anywhere from a few hundred dollars to thousands of dollars. Once the ransom is paid, the attacker will send a private key that will allow you to decrypt the data.
If you are dealing with a ransomware attack now, here are some tips to handle it going forward.
If you need assistance dealing with a ransomware attack, Pennyrile Technologies can help! Contact us for a free consult today!
If you sit down and think about all the things that might cause your business harm, data loss should be at the very top of that list. Very few businesses in today’s day and age still operate on a pen-and-paper model and have instead shifted into the digital realm. Though this affords a great deal of convenience, things like cyber crime, natural disasters, and even hardware failure can mean the end of the line for your company. Disaster recovery as a service can change this.
When it comes to unexpected data loss that could potentially close your business forever, there are three ways it could happen:
Many small businesses currently pay for what is known as BaaS, or Backup as a Service. This essentially means that the companies’ data is backed up regularly and stored in a separate location. If a natural disaster, hardware failure, or cyber crime should occur, the data is not lost forever. This is incredibly beneficial, but it often provides business owners with a false sense of security. There’s no provisioning for network or computer needs with BaaS, which means that even though the data is safe, it cannot be accessed remotely, and this creates a significant amount of downtime.
DRaaS, or Disaster Recovery as a Service, solves this issue. It does include provisioning for network and computer needs. To better understand this, imagine that your company’s headquarters – including the onsite server – burned to the ground. Your BaaS provider has your servers and data saved and backed up on a server elsewhere, but it’s just a backup, so until you put a new server into place, your data and infrastructure is effectively useless. A DRaaS provider, on the other hand, allows your business to stay up and running with very little downtime (if any at all) thanks to offsite data redundancy.
For many small businesses who are still trying to build a reputation and make a name for themselves, several days or even hours of downtime can be devastating. It is important for small business owners to maintain their online presence through thick and thin, even in the midst of a natural disaster. This is exactly what disaster recovery as a service was designed to do; it provides small business owners with unprecedented peace of mind by ensuring things continue to run with minimal downtime – even in the midst of a true disaster.
Not too long ago, the New York Times’ website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?
The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspapers’ Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.
The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.
Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.
There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.
Select a Registrar with a Solid Reputation for Security
Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.
It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.
So what else can be done?
A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.
Ask your registrar about registry locking and other additional security measures like two factor or multi-factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.
While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.
Email us at email@example.com or use our contact form to see how Pennyrile Technologies can help your business today.
More cyber criminals are targeting small-to-medium sized businesses. One reason for this is too many workplaces have insufficient bring-your-own-device (BYOD) policies in place. Some have none at all. Although firms are generally more knowledgeable about network security risks than in years past, they still woefully underestimate the security vulnerabilities linked to mobile devices like smartphones and tablets. Protecting against mobile hacks is a real cause for concern since data breaches have the ability to put many already financially challenged SMBs out of business.
If customer/client data has been breached, there could be potential litigation costs, and naturally, lost goodwill and an irreparable hit to brand or company reputation.
SMBs say they view network security as a major priority but their inaction when it comes to mobile devices paints a different picture. A recent study found that only 16% of SMBs have a mobility policy in place.
Despite the fact that stolen devices are a major problem in today’s mobile workforce, only 37% of mobility policies enforced today have a clear protocol outlined for lost devices.
Even more troubling is the fact that those firms who have implemented mobility policies have initiated plans with some very obvious flaws.
Key components of a mobility policy such as personal device use, public Wi-Fi accessibility, and data transmission and storage are often omitted from many policies.
Thankfully, most SMB cyber crimes can be avoided with a comprehensive mobility policy and the help of mobile endpoint mobile device management services.
Your initial mobility policy doesn’t have to be all encompassing. There should be room for modifications, as things will evolve over time. Start small by laying some basic usage ground rules, defining acceptable devices and protocols for setting passwords for devices and downloading third-party apps. Define what data belongs to the company and how it’s to be edited, saved, and shared. Be sure to enforce these policies and detail the repercussions for abuse to help protect against mobile hacks.
Mobile device management (MDM) is software that allows IT administrators to control, secure and enforce policies on smartphones, tablets and other endpoints. The intent of MDM is to optimize the functionality and security of mobile devices within the business while simultaneously protecting the corporate network.
MDM services are available at an affordable cost. These services help IT managers, administrators, and business owners identify and monitor the mobile devices accessing their network. This centralized management makes it easier to get each device configured for business access to securely share and update documents and content and more on the business network. Mobile Device Management proactively secures mobile devices by:
It’s important to realize that no one is immune to cyber crime. The ability to identify and combat imminent threats is critical and SMBs must be proactive in implementing solid practices that accomplish just that. If your business needs help implementing mobile device management, give us a call or use our contact form and one of our staff will reach out to you and see how we can help secure your mobile devices.