Cybercriminals Ransomware Attacks

Cyberattacks, ransomware, phishing email, malware, data breaches, hacktivist, smishing and even vishing are all words you’ve heard in the news recently. By now, most of you already know what these words mean and have an idea of how to protect yourself and your business from such attacks. However, many of you may not realize how easy it is for these cybercriminals to get access to your credentials and into your network. Regular backup systems, which once protected against ransomware attacks, are no longer providing the protection that they once did.

Hackers are finding more creative ways to turning your network into their own devil’s playground. In recent years Cybercriminals have come to find that the same network access levels they need to plant ransomware files also allowed them to exfiltrate data, allowing them to get around backup files that stood between them and extortion with an immediate payday. Ransomware attacks with extortion in mind, have become increasingly popular since they first emerged in 2019. Cybercriminals encrypt victims’ files so that they can then steal these files and hold them for ransom with the threat of being released to the public for non-payment. These ransomware attacks can be harmful in more ways than you might think, by using career-ending tactics to destroy your brand and reputation.

With all of the recent publicity of these attacks, cybercriminals are using any way they can to try and gain access to your network. These criminals are targeting SMBs more than ever, due to the fact that SMBs are more budget cautious, which makes them “easier targets”. The most common target currently are law firms, healthcare providers, industrial companies, and manufacturing providers. The percentage of SMBs that are being targeted has grown from 60% in 2019 to 77% in 2020. These criminals are using everything from social media messages to email phishing using common call-to-action words to get your attention.

Have you ever heard the phrase IoT? Maybe not, but it is the Internet of Things. What does that mean, you ask? Basically, anything that may be connected to the internet. These include inanimate objects such as fish tank thermometers, home security systems, sprinkler systems, elevators, refrigerators, fitness trackers, and even light bulbs. Unfortunately, most people are not aware of the dangers that these devices can have on an unsecured network.

Now that I have you all running to unplug everything you own, here are a few ways you can start protecting yourself or your business today:

  1. Question everything: You received an email from “your boss” asking you to reset your password to a certain application and they even provide you with a link to make it easier for you. However, the email is really from a hacker pretending to be them. Once you click on the link that they provided in the email- boom- they have access to everything they need. Stopping to question every email, text, or social media message that you receive is your first line of defense.
  2. Create and use strong, unique passwords for every website or app that you use – no matter how insignificant the website seems. Use a password manager to keep your passwords safe and to create auto-generated unique passwords for every website. (TKS recommends using LastPass).
  3. Start using MFA (Multi-Factor Authentication) on all accounts that support it. This is a layer of protection used at the sign-in process which will send a code to your cell phone or ask for a fingerprint scan to ensure that you are in fact who you say you are. Without this code or second layer of protection, the hackers are unable to get into your accounts.
  4. Employee Education & Training: None of these steps will help you if your employees are unaware of the dangers and the knowledge of how to protect their credentials and your business.

 

Ransomware and cyberattacks are becoming increasingly aggressive by the minute. Take these simple steps above to help prevent you from becoming their next victim.

 

Author: Stephanie Reilly – Turn Key Solutions, LLC

Related Posts - TKS Blog

TKS Newsletter - 2024 December
Here's our December 2024 Newsletter Read the full PDF version here: The TKS Sentinel - December Issue In this month's edition, we discuss: Ransomware Threats PDF Hijacking ...
Read more
5 New Trends from a Study on the State of AI at Work
5 New Trends of AI At Work
The pace of technological advancement is accelerating. This is not news to anyone wading through the ChatGPT craze. Artificial intelligence (AI) is at the forefront...
Read more
zero trust protections
Zero Trust Cybersecurity: Essential for Keeping Your Data Secure
As cyber threats become increasingly sophisticated, businesses can no longer rely solely on traditional methods to protect their data. Hackers are no longer trying to...
Read more
voice technology options
Harnessing the Power of Voice Technology
Voice technology is quickly becoming one of the most valuable tools for businesses seeking to improve customer interactions, streamline operations, and cut costs. With...
Read more