Your Portland Business’s Network is Under Siege; Here are the Attackers

Posted by Randy Bankofier on Sunday, 20 May 2018 Randy Bankofier
Cyber-criminal and hacker in front of a laptop hacking into your Portland small business.

Every day the threats against our network and those we manage for our clients are in the crosshairs of some bad internet actors. And the threats are getting more voluminous and more dangerous.

Yes, the forces lined up against these bad actors are also gaining in sophistication but they’re always playing catch-up. That means that the threats freewheelingly operate until a block, patch or fix is developed and most importantly, actually installed.

Phishing for Victims

And, as usual, it’s not just attacks on your network that you want to be concerned about. It’s also where your employees are when online at work. In 2016 one in twenty sites were malicious URL’s, or websites. In 2017 this had risen to one in thirteen, a fifty percent surge. So knowing where employees are online could be very useful and is one feature of our cloud networks. It doesn’t mean you’re shadowing people, just keeping track of where they are on company computers during work hours.

Perhaps the most proactive thing you can do to protect your network is to engage in employee internet security training. We not only have webinars for their consumption, we can test in real time an employee’s propensity for opening a suspicious email and then educate them on the danger. Educating your people is one way to eliminate or greatly reduce their role as a major vulnerability to your network. Critically, the security training is ongoing as the threats and landscape change so does the nature of the curriculum.

So what threats is your network facing right now? Let’s look at “phishing”. Phishing uses an email that purportedly comes from a recognized source, which means your guard is probably down. Once the email or instant message is opened one finds a request for personal information such as a credit card number or even money and since it’s from what looks like your bank or other legitimate enterprise. Comply and you find out too late but if you’d carefully examined the URL you’d note that it is different in an often minor way.

For the record Symantec reports that spam rates are up over fifty percent and that’s true for companies with 1-250 employees all the way up to those with 2501 or more. There’s gold in them there attacks and a legion of cybercrooks working to mine it.

For an in-depth description of phishing in all its forms, see: https://en.wikipedia.org/wiki/Phishing

Malware

Cyberattackers use malware to attack your computer and your network. Unfortunately, this problem’s become even more harmful as it evolves so fast that it’s rendered most antivirus programs obsolete. They just can’t keep up. Now malware can invade and set up shop in your network. Then it can create all kinds of issues including stealing your data and financial habits.

But here’s a hopeful note, rebooting your computer kills malware. The problem is many of us don’t take the time to perform a simple restart. And turning your computer off (shut down) and back on later doesn’t do it with Windows 10, from what I understand, but rebooting it (restart) will. Might be a timely habit to adopt. And pass on to everyone with whom you work.

Ransomware

Boy, this one hits close to home as it happened right here in our offices. A tech from our Help Desk was called in immediately as the demand windows ominously tiled endlessly across the screen demanding $342 in Bitcoin within 72 hours. The tech simply took control of the lockedup files and deleted them replacing them with the most recent backup which was less than fifteen minutes prior to the attack. But we have an incredible backup system, the same kind we run for our clients so we have firewalled backups offsite in two locations and are ready for this kind of incursion.

Woe to those who do not have an agile I.T. department or vendor who truly stays on top of updates, backups and patches. And one that is really vested in network security measures layer by layer. It is not really about being impervious, it is about not being the low-hanging fruit that most small business unfortunately are. The key things to remember are that it is not a matter of if but when and just because it hasn’t happened? Day ain’t over yet.

According to Network Depot: In the modern working world, laptops and cellphones and tablets have grown more prolific, becoming an intimate part of our everyday work. These, too, invite malware into our network. Malware residing in the memory of our computers and laptops is incredibly difficult to detect, and because we don’t reboot our systems frequently, they linger for a longer time. When we use other devices (like tablets or cellphones) to remotely access the information in the infected-memory, the malware spreads. The malware itself can even spread from cell phone to computers via the shared wifi network. Sneaky, sneaky. Once an infected device connects to the business’s Wi-Fi, all systems are compromised. And this isn’t even Malware’s final form.

Bank Theft, Online Style

We’re so used to seeing the FDIC logo at financial institutions that we often think our business account is covered by this act. Not so! FDIC covers individual’s accounts, not business accounts. So when a hacker steals your login information and security questions and answers and makes a money transfer from the bank’s point of view it’s you. And if your system’s been hacked it’s your responsibility to keep it secure so any failure on that front can cost you big.

But there are things germane to your banking relationship you can do. Contact your financial institution and ask to be notified anytime a withdrawal occurs. Allow no wire transfers without your express approval and discuss whether it’s necessary for security purposes to have this approval in some form that prevents someone rifling your funds to another account or in cash. Consider multiple institutions that you pay different bills from to lower your risk of being completely drained in one fell swoop.

And we recommend you use a PC just for banking and shut it down completely after each session. Make sure this a “single use” PC, don’t let just anyone use it, restrict it to only those individuals permitted to perform banking functions and train them to use it exclusively for this use. Putting severe restrictions on this computer will eliminate much of the danger that comes from having a PC connected to the internet. But it’s important that those who do have access are well aware than it is not to be used for web surfing, shopping, Facebook or anything else. Period.

Consider also transferring all business transactions to a secure credit card limited to official expenses. Do not use a debit card on your business account. The fewer points of entry helps shield you from one of the hackers’ favorite targets: Your bank account and your cash therein. And once a hacker has intruded upon your system and installed “keylogger” software or something similar they can lay in wait, watching as you go through the normal rhythms of payroll, bill-paying and accepting deposits, ready to strike at the most opportune moment. For them.

The Threats Morph and Appear on a Daily Basis; Semper Paratus (Always Ready)!

It’s impossible in a short article to catalog all of the known threats to your Portland business network so we won’t even try. But once your network is under our purview you’ll find we keep it updated as soon as those updates are made available, we check your backups daily, and employ state-of-the-art security software so you can rest assured that someone is focused on your security. We can’t imagine a business network in 2018 that’s not getting this kind of protection. There are just too many known threats and our reports show that this is an ongoing effort to pierce and steal, rip and run, and lockdown and seize for ransom. No exaggeration is necessary and it’s getting worse by the day.

One thing is clear in this new and dangerous environment. A business that’s serious about security wants to ally themselves with a firm that will manage and maintain their network and one that’s well versed in internet security. Our owner is a member of an FBI Small Business Internet Security group and is driven to keep our client base up-to-date and safe. This requires a continuous stream of books (Future Crimes is a good one; real page-turner), webinars, articles and consultations but that’s okay as he only works half-days. He says he just has to determine which half of the twenty-four hours he’ll work. And that includes weekends. Driven indeed.

Take Action…

Call us today at 503-343-4541 to discuss your network’s current state and schedule an audit of it overall or a specific security audit to determine your level of vulnerability. We can find out where you’re at with our advanced diagnostic tools and then recommend what’s needed to get you up to our “best practice” standard enjoyed by so many of our customers so you can sleep at night.

Categories: IT Support