Be Cyber Aware: If You Connect It, Protect It

Cyber Aware

In today’s age, we all must be cyber aware. The average American today has access to more than 10 Internet Connected Devices in their household. Most have at least 2 computers and 2 smartphones. Across the world, an estimated 30 billion+ devices connect to the Internet. This connectivity generates massive potential for advancement; but in turn, creates a paradise for hackers. This is nothing new. Hacking has been on the rise since the dawn of connected technology. And here’s the problem. Most businesses have maintained the same security protocols for just as long. The theory is that what they’ve done so far has worked, so why is there any reason for change? Here are the seven reasons why technology is more dangerous than ever before:

Side Note: Why focus on cybersecurity now? October is National Cybersecurity Awareness Month. For the past 17 years, during October CISA and partners have focused on cybersecurity. Follow us on Facebook and LinkedIn for more tips and tricks throughout the month. 

Let’s Be Cyber Aware About Ransomware

The first computer virus was introduced in the 1970s. It took over systems by replicating on the hard drive until the user didn’t have system space to operate. It was actually built as an experiment and had no malicious intent/implications. Today, viruses aren’t child’s play or experiments, and the most dangerous one takes over the hard drive completely, encrypting every piece of data.

If you’re connected to a network, it can then infiltrate the servers and start encrypting there. If your data backups are also on that network, you lose all access to a clean backup.  The only way to get this data back is paying the ransom (not recommended under the vast majority of cases), or working with an IT company to revert back to a clean data/decrypt the files based on the specific ransomware in play. Either way, you’re spending a lot of money and time to get back what’s yours to begin with, your precious data.

Part of Being Cyber Aware is Knowledge of Phishing

Phishing emails at one time were super easy to spot. The Nigerian prince desperately needed to send you money if you inputted all of your personal information. Since then we have become more cyber aware, but phishing attempts have improved. Today, phishing attempts are a whole lot smoother. The perpetrator researches enough to identify your boss, then sends an email under his/her name asking you to discretely transfer money or send identifying financial information. Unless you’re looking at the exact email address it’s coming from (typically spoofed by one or two letters in the domain), all of a sudden you’ve transferred $40,000 into an unknown person’s account thinking it’s your CEO.

You won’t think anything of it until you speak with your CEO later and realize that is wasn’t really them. These honest mistakes cost companies hundreds of thousands of dollars every year with very little recourse to get the money back where it belongs. Some experts say that employee mistakes cause nearly 92% of breaches.

Insider Threats

As more people work remote, particularly with the urgency of the past six months, businesses have lost tight control on their data, increasing the threat of malicious insiders. While we want to trust every person working for us, that one disgruntled employee who decides to store a copy of the customer data before putting in his two-week notice, could wreak havoc on your business when they decide to work for your closest competitor. Virtual Office solutions can alleviate a lot of the pain this could cause and allow you to keep every piece of data exactly where it belongs.

Data Leaks and Password Practices

Malicious insiders can cause these leaks, but they’re also the password leaks from major players that you hear about frequently. You may be wondering how a LinkedIn password breach can really hurt you in the long run (after all they really just gain access to your professional resume). 53% of people admit to reusing their password on multiple accounts. Hackers rely on this. They can sell the password or utilize that password to hack much more dangerous things, like your banking institution. Our best recommendations: use complex passwords, don’t reuse passwords, use a password vault to keep track of all your passwords, and implement two-factor authentication wherever you can.

Become Cyber Aware About Cryptojacking

Cryptocurrency is a hackers’ favorite payment method. It is untraceable and extremely valuable. Beyond requiring cryptocurrency for the vast majority of ransomware attempts, some hackers infiltrate a system and use it to mine cryptocurrency without the user’s knowledge. They get in utilizing a malicious email link or through malvertising (advertising that carries nefarious code). A user may recognize slightly slower performance, but they more than likely never know that someone is using their system to mine cryptocurrency. Some codes also spread throughout networks, so that hackers can maximize their financial gain using someone else’s resources.

IoT Hacks

As we connect more devices to the Internet, particularly those items in our homes – stoves, cars, Alexa or Google – we open another target for hackers to infiltrate our lives. They may canvas homes through your connected camera system or baby monitor, install viruses on your stove or vehicle that impact performance, or begin speaking to y0u randomly from your device. IoT can be safe, but you must make sure you’re utilizing as many security precautions as humanely possible.

Hacker Advancement

The greatest advantage for hackers is they have become more sophisticated and educated overtime, and the good guys haven’t been able to keep up. If you’re relying on internal IT or an MSP without security expertise, your team is most likely behind on the threats and not implementing everything they need to keep your staff safe. They should implement things like phishing tests, employee education, dark web scanning, hosted back-up solutions, crisis planning, multi-factor authentication, and professional-grade permissions control for administrative privileges to keep you safe. If you’re unsure of your security level with your current IT solution, contact us.

No Business as Usual

No Business as Usual

Currently, there is no such thing as Business as Usual. Every day, small and medium businesses are re-inventing how they function. The most unfortunate side-effect of this COVID-19 crisis is that many small businesses have closed, and many of those will not re-open. The economic repercussions from this event will ripple throughout the landscape for decades. Only the strong will survive.

For those who will survive this paradigm shift, now is the time to re-structure your business model and build a new foundation for the future. With many employees working off-site, businesses are noticing that they may be spending too much on their overhead, and they are also looking closely at the size of their staff. In the past few weeks, we have discussed laying-off and even furloughing employees, but in this blog, we will look toward the future and offer a few things to consider while moving forward.

Many businesses will be looking to restructure their operations once we come out of this mess. One huge change will be the need, or the lack of a need, for office space. With the average reduction in staff hovering around 50%, we’re seeing lots of empty office space these days. The first instinct is to hold onto that space and await your employees’ return, but there is a very good chance most of that unused space will remain unused.

Some financial experts tell us that there will be another Real Estate crash soon, but this time commercial properties and office space will be part of the cause. Besides the businesses that close, many businesses will either give up their current space or downsize to smaller spaces. What was once nothing more than bragging rights, large conference rooms are no longer needed. Now that we’re getting used to holding meetings through Zoom, Skype, and Teams, even our best clients might get annoyed if we asked them to drive to our office for a meeting. The fact is that we now have more options, and along with those, we have to opportunity to run a leaner company.

With fewer employees actually working from the office there’s no need for all that extra space. Even if a few employees do split working at home and coming into the office, you can stagger their days and multiple employees can share the same workspace. But, the fact is, many businesses are discovering that they can keep things running without everyone working from a centralized location. What was once unthinkable is now becoming the new norm.

Another thing to consider is evaluating your employees during these times. Now is the time to find out who your ‘A’ players are. Let’s face it, not everyone is cut out to work remotely. You’ll soon discover who your top performers are and who misses deadlines or causes delays. The bad news is, you may have to let some people go. But the good news is that there has never been such a great workforce available to hire. Tough times require us to make tough decisions, and, as business owners, we need to make decisions that are best for our company.

Jason Rivas, the head of human resources for a growing California business, says he is getting a lot of questions about assessing employees during these crazy times. Jason says, “Business owners ask me, is it fair to judge my staff now that some of them are working from home? My answer is always the same: Yes, it is. It’s not only fair, but it’s also a good thing for your business.”

Jason goes on to explain, “Now, I know when you hear the phrase, spotting your A-players, you immediately start thinking, “Well, that means there are favorites in the workplace.” It’s not that. When I call the best employees our A-players, I’m doing so because they’re not necessarily the favorites, they’re just the best-playing team members. Yes, it’s possible to not like someone but, at the same time, respect them for the great work they do.”

“We need to think about this as a baseball team. There’s always the first-string that goes out on the field to start the game. Then we have second-string, third-string, and so on. Even bench warmers.  We have people in the dugout, people in the bullpen warming up. But your A-players are the ones starting the game. You lead with your best, then fill any voids with other employees as needed. It’s survival of the fittest.”

As employers, we have the responsibility of making judgments and keeping our A-players on the field as much as we can. While we may have situations where furloughs, layoffs, or even temporary reduction in workforces have occurred, we always need to be mindful of spotting our A-players, and, even more important, spotting those employees who are putting in less effort.

It’s our role as business owners to make the decisions that keep our business going. We didn’t ask for this event to happen, and we sure weren’t prepared for it. But, as business leaders, we need to take actions that will shape the future. Life as we knew it has changed forever, and business will never be the same – but that doesn’t mean it can’t be better than it was. Act now. Decide if you’re paying for too much office space. Figure out if you can run an efficient business with remote employees. And surround yourself with the best employees you can find. 

Do these things and you’ll be ahead of the competition when we come out the other side of these strange times.

9 Things To Do Before Business Picks Back Up

Unfortunately, due to COVID-19, most businesses have slowed down. A recent Goldman Sach’s survey found that more than 50% of 1,500 small business owners said they couldn’t continue for more than 3 months at current rates. Rather than wallow and wait, though, take the opportunity to do those things that you never have time to do. Here are nine things that you should do now so that you’re ready to excel when this crisis is over.

  • Maximize your security protocols.

New security threats pop up every day. Even amidst COVID-19, hackers developed phishing attempts to prey on peoples’ thirst for news surrounding the virus. What happens when a hacker gains personal information from one of these attempts? Often, the value isn’t in the initial data theft or financial potential therein. Hackers really don’t care what your password to one particular site is. Instead, they sell the information on the Dark Web. Take the opportunity to lock down your security protocols, now. Start with determining if your information is on the Dark Web, then set up ongoing monitoring to maintain awareness. Beyond the Dark Web, make sure you have a security plan in place that includes your firewall, antivirus, and protecting remote connections. 

  • Write your compliance plan.

There are new privacy laws popping up all over the world, including data privacy laws across the US. How are you going to be compliant with customer, prospect, and website visitor data? In addition to website compliance, take a look at PCI, NIST, and HIPAA (if applicable) compliance. We can help you review your current compliance and create a plan to overcome challenges.

  • Update your hardware.

While you cannot use any PPP loan funds to cover hardware upgrades, if you received a PPP loan, you may have some cash available to upgrade your hardware to be prepared as business picks back up. Even if you weren’t lucky enough to secure funding in the first round of loans, still look at upgrading your computers systems. While you likely want to avoid the hefty expenses of a project, consider Hardware as a Service as an option to pay monthly for your hardware, lowering initial outlay and turning your hardware expenditure into an operating expense rather than a capital expense.

  • Refresh your website.

Creating your company website was probably a major undertaking. From writing the content to agreeing on design, it’s one of those projects that probably does not bring fond memories. The challenge is your website should be completed renovated every three to five years, while content updates every quarter. Dig back in and address your website, making sure you’re highlighting your most recent offerings and addressing SEO effectively.  

  • Clean up your leads list.

Databases get old and sloppy really quickly, especially if you don’t undergo regular upkeep. Who has time for regular upkeep? Now is the time to get everything straightened out. Audit your prospect and client lists. Remove duplicates, re-classify types, as necessary, and create a plan for ongoing upkeep so that you don’t have to undergo a major cleaning project again.

  • Create a strategic plan/ Determine Your Next Offering

If this crisis hasn’t shown you that you need to be agile, nimble and always have a plan for what’s next, I’m not sure what will. Brainstorm your next product offering, or your next marketing moving. Create a plan for the next 12-18 months. Strategic planning often hits the back burner but is critical for ongoing success. You’ve just been given a great gift – time to plan.

  • Collect testimonials and case studies.

If you’re doing your jobs well, customers are likely sending you emails of appreciation, anecdotes of quality customer service, and sharing accolades about your team.  Unfortunately, when you’ve got a lot on your plate, these tend to be fleeting messages in your inbox with a mere “thank you” response to the sender. Dig those out and position them as testimonials, case studies, and customer shout-outs for your website.

  • Educate yourself and team.

One of the biggest reasons business owners avoid training their teams is that it involves taking time away from the business. Immerse yourself and your teams in training so that they’re armed with best practices when business begins to rebound.

  • Update your standard operating procedures.

Documentation gets behind when you’re in the thick of day-to-day business resulting in standard operating procedures that are several years old and woefully out of date. Have your team take a look at your current standard operating procedures. Work through them one-by-one ensuring that you have the latest version on file and that you’ve removed any superfluous processes. Work toward a complete business manual to help any new hires and to ensure standardization across your team. We have every hope that the country will begin to safely open up very soon. In the meantime, though, make the most of this business downturn by prepping your business for resurgence.

The Most Important Thing You Need to Do When Video Conferencing During COVID-19

Just as people were starting to get in front of stay-at-home recommendations with robust video conferencing and on-line learning options, “zoombombing” was born, proving yet again that evil knows no bounds.

Zoombombing occurs when hackers break into Zoom meetings and wreak havoc by sharing inappropriate video or drawings, screaming obscenities, or posting hate speech. They attack open meetings, those that have no password, have posted the password online or that allow everyone to share their screen.

Hackers have worked swiftly to develop programs that can scrape hundreds of Zoom Meeting IDs every minute. Then, they go hunting for the most vulnerable meetings. Schools, church meetings, and even a student defending his doctoral thesis have been affected. The FBI has issued a warning about these challenges and Zoom has publicly apologized for their lapses in security.

What can you do about it? Businesses rely on successful video conferencing today to keep their teams connected, conduct meetings, and to continue to move the sales process forward as much as possible when the world is at a stand-still. Locking down your meetings with proper security protocols is the most important thing you need to do when video conferencing during COVID-19 and beyond. Here are a few steps you can take.

Use Alternate Platforms

Zoom is likely the biggest target because it is a free platform with an easy to use interface. It also has a few admitted security holes, placing it high on the list of easy to hack software. We recommend choosing an alternative, if possible. An upgraded version of Zoom with built-in, protected meeting rooms could be the answer. Teams, GoTo Meeting, or WebEx are your best alternatives. While more costly, these are more secure and protected programs.  

Lockdown Your Zoom Meetings

If you choose to utilize Zoom, make sure that you’re following a few important security protocols.

  1. Do not publish the meeting ID online. People do this to try to get a lot of audience participation in things like study groups or discussion platforms. This is just inviting a Zoombomber into your meeting. Instead, publish contact information to get the Meeting ID and login. Then, only provide the login to people that you know and trust.
  2. Secure meetings with a password. While it’s a little bit more challenging for people to enter, this extra step ensures that a nefarious player can’t gain access.
  3. Only allow one host. Some Zoombombers are getting in because the meeting is set to allow multiple hosts. That means they can actually start the meeting for you. Restrict your meetings to only one host.
  4. Lock down screen sharing. Only allow the host to screen share. You can pass this control as needed, but you shouldn’t just allow everyone to take control.
  5. Utilize the waiting room feature. This allows you to confirm people before they enter the meeting. Only allow those you know in.
  6. Use mute diligently. As the host, you have the ability to mute all participants. Know where that button is and prepare to use it should anything go awry.

Copious video conferences are going to be in our daily lives for the foreseeable future. Make sure you’re doing everything you can to stay safe.

3 Ways Technology Will Help Pull Us Through the COVID-19 Pandemic

Many businesses and people are struggling as the COVID-19 Pandemic. Closures of restaurants and bars, canceled events, and other restrictions force our society to practice social-distancing. In this time of need, we, as a group, are more prepared than most other industries to help our clients maintain their businesses through this crisis. As an MSP, we brand ourselves as partners to our clients, and now is the time for us to step up and help you, our partners.

These are scary times. Many businesses are closing their doors to help fight the spread of the COVID-19 virus. Unfortunately, businesses like restaurants, bars, bowling alleys and movie theaters cannot operate remotely because they count on patrons walking into their facilities. But certain sections of other businesses, like accounting, law, and even parts of the medical and dental fields can utilize the efforts of remote employees.

Much like the disaster recovery plans, we offer for technology, we can also help with the back-up solution of setting up people to work from home. We deal with remote employees daily, so it is something we’re used to figuring out and operating smoothly.

We also regularly use the internet to communicate with each other using platforms like GoToMeeting, Skype, and Facetime. Around this office we have daily meetings with remote employees, so we’re used to setting up access for meetings and special events.

The technology on our side allows us to maintain productivity and ensure life will continue at a somewhat normal clip. With that being said, we believe there are three key reasons why technology will pull us all through the COVID-19 Pandemic.

  1. Remote Work Capabilities: You may have never dreamed you’d be writing up your next big report with your child sitting next to you playing their online educational game, but here we are. Many employers have sent their employees to work from home in an effort to quell the spread of COVID-19. With strong remote access or VPN, work continues without a great deal of interruption.

  2. Virtual Events/Streaming: Events organizers across the country are canceling, postponing, or moving events online. Technology allows these events to continue without major hiccups. Artists taking to Facebook Live to perform, speakers moving to platforms like Zoom or YouTube, and church services across the world streaming, only reveals the tip of the iceberg when it comes to streaming technology.

  3. Communication: Video chat, online messaging, email, and phone communication will keep the world connected through this difficult time. We’ll quickly see how important it is to connect with our fellow man for work, pleasure, and sanity.

During these trying times, it is our job, as IT professionals, to help those who are in need. Whatever we can do to help our local businesses keep their heads above water will only make our community stronger. People helping people, and professionals helping businesses stay open.

It is unknown how long drastic measures stemming from COVID-19 will last, but with technology on our side, thankfully the world will continue to progress.

5 Tips for Successfully Working from Home

COVID-19 has forced event cancellations, school closures, and a consideration for remote work where possible. As more companies are sending their employees home to work, we compiled this list of tips to be successful away from the office.

  • Reliable Internet: Nothing is more frustrating than having spotty Internet, especially when you’re trying to work on a big project through a remote access connection to your work computer. Most Internet packages available today will be fine. However, you might need to curb ancillary access of the Internet, like streaming and gaming if you’re trying to do something more than upload and download documents. If your Internet seems slow, shut down and restart your router/modem. This can sometimes speed things up for a while.
  • Good Computer Hygiene: You know that “It’s time to update” pop-up that you’ve been avoiding for weeks? Take the time to update. This is most likely handled automatically by your IT team at the office, but your home system may be woefully behind, curbing your speed, as well as opening up unnecessary security holes. We recommend applying security patches as they are released to keep your computer up to date. Not sure if there are updates available? You can check your computer’s control panel for notifications. You can also try simply restarting your system. Often, the updates will kick into gear.

To maximize effectiveness, watch the number of programs you’re attempting to run and browser windows you have open at any given time. Computers are not great multi-taskers; they will regularly switch between a multitude of processes (the instructions behind your applications) to complete commands. In fact, the number of processors in your system is the maximum number of things your computer can be “working” on at once, so if you’re seeing a drop-off in performance, take a moment to close a few programs that are not actively in use.

  • Connect Securely: In order to protect your business, connect through remote access software or VPN. This will allow you to use your regular work desktop without risking business data in an open atmosphere. Consult with your IT team to review their plan for remote access as well as enterprise-grade antivirus before beginning remote work.
  • Establish a Routine: When you go into the office, you have a clear routine. You come in, grab a cup of coffee, banter with your co-workers for a few minutes, sit down at your desk, and get to business. While it may be appealing to work in your pajamas, try to maintain as much normalcy as possible. Stick with a clear starting time and work schedule. Create an office space so that you’re not just piled up on the couch. Plan to get dressed and ready for the day, just like you’re going into the office. In essence, act like it’s just another day at the office.
  • Over-communicate: You may find yourself feeling isolated pretty quickly when working from home. This is likely because you’re missing out on the short interactions and general banter with your colleagues. We highly recommend setting up a daily touch-base with your team in order to discuss priorities, work through sticking points, and to simply connect with other human beings.

Don’t be afraid to send more progress emails than normal. Utilize messaging apps liberally, and don’t underestimate the power of a video chat or meeting. If an email exchange is getting too long (more than three replies back and forth without solving the problem) pick up the phone.

Working from home can be an efficient way to keep a business running. When done right, you can be just as productive, if not more so, than at the office. Enjoy the opportunity presented by COVID-19 concerns to establish a new work normal, at least for a short period of time.

7 Necessities before Sending Your Workforce Remote

Due to the COVID-19 outbreak, many companies are considering work-from-home options to facilitate social-distancing and to keep their workforce healthy. However, it’s not as simple as sending your employees home, firing up personal laptops, and getting to work. Here are seven things you need to have lined up in order to successfully deploy your remote workforce.  

  1. Secure Remote Access: Employees should not have open access to everything on their work systems from their personal computers. This keeps company data protected. In order to be productive through this pandemic, however, employers will need to provide a secure connection utilizing VPN or remote access software. These solutions will mirror the employee’s work desktop without housing all of the data on the individual’s personal system, allowing them to seamlessly continue work.

  2. File Sharing Capabilities: While people will be working in isolation, they must still be able to collaborate. File sharing/group editing software will be critical to moving forward on creative or documentation projects through real-time editing, commenting, and versioning. Software like Dropbox for Business, Microsoft Teams/Sharepoint or Google Documents fill this need securely.

  3. Enterprise Level Antivirus: Basic home-level antivirus is not sufficient, particularly in secured industries. Extend your enterprise-level antivirus to home systems that will have access to your network in order to create an added layer of protection. You may also consider deploying firewalls on top of individual’s home networks to create the same secure connection employees experience in your office.

  4. Video Conferencing: Meetings must go on while people work remotely; however, voice-only leaves much to be desired in terms of tone and context. We highly recommend putting in place video conferencing options. You can implement something as simple as Google Duo/FaceTime, or something more feature intensive, like Zoom or GoToMeeting.

  5. Messaging Software: You can’t just spin your chair around to talk to your co-worker when working remote, yet it’s not efficient to always pick up the phone. We recommend implementing a messaging software like Microsoft Teams or Slack to open communication channels and allow employees to continue to interact quickly and accurately. Utilizing these tools, you can set up one-on-one conversations or set up channels to facilitate team communication.

  6. Phone: A strong VoIP solution will allow employees to take their office phone numbers remotely on their cellphones without giving out their cellphone numbers. Office calls will transfer seamlessly to the employee’s cellphones, voice mails will be sent via email, and the employee can dial-out using a phone application to maintain office functionality.

  7. Remote Access Policy: Prior to providing access to your employees, put in place a clear access policy that acknowledges that your company monitors whatever they do while connected. Employees should be encouraged to act as if they are on site even while working remotely and reminded that punishments for doing something illegal/against company policy will apply.

The COVID-19 situation is ever-changing. Schools across the nation have been closed and events have been cancelled. While it may make sense to keep your employees on-site for now, we believe it’s important to have a plan should you need to close your physical offices. Getting these seven pieces of the puzzle in line will prepare you to take your workforce remote. For assistance implementing these things, contact us today.

5 Reasons Hackers Steal Your Data

As professionals in the IT business, we all have firsthand knowledge that the web can be a dangerous place for anyone, especially if you run a business. The more we analyze security breaches, the more we ask the most crucial question: why? Why do people go through all that trouble to make life more difficult and dangerous for the rest of us?

Well, you can imagine that it differs from hacker to hacker. Just a  few common factors likely end up being the reasons why they do what they do and why they started in the first place. In today’s blog, we’ll take a deep-dive into the villains of our story, and explore some reasons why they do what they do.

1.) Identity Theft

Though you may not realize it, you are more important than you think—well, more valuable, anyway. You might think of you or your company’s value in terms of what is in your bank account, or the assets you may hold. However, you probably carry more potential value that you don’t tap into, such as not opening additional accounts and not maxing out your credit cards.

Consumer Affairs estimates that the average loss for an individual involved in credit card fraud last year was about $2000. That number might seem a bit low to some, but remember that most people only have a few thousand dollars maximum available on their credit card at any given time. Imagine if your company’s credit card was compromised. How much could you be on the line for? Or what if someone opened accounts or took out loans using your stamp of approval? For many of us, the losses could be staggering.

2.) Ransomware

The last few years have taught all of us to fear that word. From small to large businesses, from individuals to local and national governments, no one is safe from these threats. As far as a reason for this type of attack, the answer is simple: hackers identify and attack victims that can give them a good return on their time invested.

When hackers hold an organization for ransom, the victim often ends up paying because they can’t afford to operate too long without productivity. While some sources report that overall ransomware attacks are down, lately, they have become more sophisticated and demand more money to release the “hostage” data or systems.

3.) Mooching Off Your Equipment

Hackers generally have less money and fewer resources than the people they steal from. Sometimes the reason for the attack isn’t just for cash, but rather for access to available operating systems. This type of hacker is looking to take advantage of large servers with massive computing power for activities such as mining Bitcoin. Sadly, they probably don’t plan on giving you a cut. They’ll use your processing power late in the night and stick you with the extra electrical charges. Another reason why you should always check your bills!

4.) Because They Can

You could consider this to be the scariest category of a hacker since there’s nothing that can be done to stop them. They can best be summed up in a quote from Alfred in The Dark Knight when he said; “Some men aren’t looking for anything logical like money… some men just want to watch the world burn.”

Since a person like this doesn’t have anything other than personal accomplishments as a goal, they can be harder to catch and harder to convince to change their dastardly ways. For example, in one month in 2000, a young man by the name of Michael Calce (who used the handle “Mafiaboy”) took down the systems of CNN, Yahoo, Dell, and Amazon. All are substantial companies with state-of-the-art security systems. What was his grand reason for doing this? To prove that he could. While this is not the most common category of the hacking community, they can still be some of the most difficult hoodlums to deal with.

5.) To Sell Your Information

This is one of the more significant issues today. We live in an era where the greatest currency is information. Once hackers get their hands on information such as credit card numbers, passwords or even patient records, selling personal data on the Dark Web is very straightforward. To make it lucrative, they need to deal in volume. According to some reports, credit card numbers typically sell for around $10 a piece. For the same amount of time and energy it would take to steal your private information, they can accumulate hundreds or thousands of pieces of information by accessing your customers’ records.

The scary part is, once your stolen data is out there for the highest bidder to snatch up, you can be on the hook for damages. Currently, there are dozens of high-profile lawsuits in progress for businesses whose systems were hacked and now private and sensitive data from their clients are exposed for all the world to see… for the right price.

Regardless of the reason hackers do their dirty work, it’s up to us to protect the data we have access to. We just need to update our security systems and stay one step ahead of the criminals. If you don’t feel that your current security measures are up to snuff, give us a call today! We’d be more than happy to assess your current set-up, and show you how you can implement a plan to make sure you won’t be defenseless against those unsavory characters on the web.

The Risks of Cyberattacks with Windows 7

We hope you understand that this article is being written with tears in our eyes. After months of being part of the loud choir warning about the End of Life of Windows 7, some estimates state that up to 32% of all computers worldwide are still using this operating system!

Currently, the most common cyberattacks against small and medium businesses are phishing, malware, denial of service attacks, man-in-the-middle attacks, and ransomware. A man-in-the-middle attack is named that way because a hacker wedges a barrier between two parties who are conducting a business transaction. The hacker then becomes the liaison for data swapping, so it is easy to steal sensitive data. An SQL breach involves installing malicious code into a SQL server and then siphoning out the data. And we’ve all heard the latest horror stories on how ransomware is holding businesses, corporations, and even whole cities hostage.

Although the funeral seats of Windows 7 are still warm, the first major attacks and vulnerabilities are already starting to raise their ugly heads. As the OS becomes more and more obsolete and more information is passed from hacker to hacker on the Dark Web, the overall safety of your data becomes less and less.

Count the Costs

Data breaches do a lot more than just cause chaos in your office. Once your system has been compromised, you need to find a way to get your information back, either because you need it to function or because it may contain sensitive information. The 2018 IBM Cost of a Data Breach report calculated that on average, a data breach can cost your company $148 — per record. Many companies have hundreds, thousands or even millions of records!

Besides the costs of just having the records themselves stolen, think of the liability that those stolen records can expose you to. Think about lawsuits if your customers’ personal or financial records become available to the public. If you’re a medical office or happen to have medical files on patients, a hack can put you in hot water with HIPPA violations, which can put you on the line for up to $25,000 for each breached file. Clearly just on a financial level, making sure your company is protected is worth its weight in gold.

The Problem and Solution

So, what exactly are hackers looking for? In a perfect world, they can trick you by either downloading a virus or hooking you with a phishing scheme. However, computer users have become more knowledgeable over the years, so those scenarios have become only minor tools for hackers.

As the expression goes, “Every lock has a key.” Sometimes there are ways to get into your system that were put there by design and sometimes the programmers made a mistake and created a backdoor in the OS without realizing it. Either way, it’s usually only a matter of time before one or more hackers find their way into your system. Once one finds their way in, they rarely keep this information to themselves and often sell it or just give it away.

In a normal situation like this, once Microsoft is aware of the vulnerability, they will create a patch to remedy the problem. A patch is downloaded code that will update the part of Windows where the problem is located. It is always recommended that you download and install patches as soon as they become available.

The End of Life Problem

When Microsoft or any other company says that its software is at its End of Life, it usually doesn’t mean that it will stop working. Rather, it just means that the company will no longer support it. In the case of Microsoft, that means that they will no longer provide security patches or any other updates in addition to not offering support from their techs. Really, it’s just a matter of time before the system becomes obsolete and holes are found in its armor.

Speaking of which, 2 security researchers at Guardicore Labs recently announced that the Barbarians are not only at the gates, they have already entered. According to them, a medium-sized medical tech company was hacked when pirates found a way into their system via WAV files. As we said, it’s just a matter of time before this grows to more and more ways to undermine the system of Windows 7 users.

The Obvious Solution

We’re not going to beat a dead horse on the topic, so we’ll just say that the best way to avoid these problems is by upgrading to Windows 10. But not so fast! Simply upgrading your OS is not going to keep you safe forever. Just because you will then have access to the safety protections that Windows 7 now lacks doesn’t mean it’s a one-and-done situation. You need to make sure that your systems are always up to date. Did you just get a pop-up for a new update? Stop what you’re doing and make sure that every machine on your system is updated. Having just one person put it off can put your whole network in danger.

We understand that there is a big difference between taking care of a single personal computer at home and a whole network of computers and servers at your business. Updates, especially on servers, can often be a time consuming and daunting task. That’s why we’re here to help. If you feel that you need a helping hand in making sure your system is up to date and stays that way, please contact us to see how we can assist.