As a cybersecurity professional, I’m in an industry where ‘ransomware’ and ‘breaches’ are in every other article I read. As with the jargon specific to every industry, it’s easy to assume that everybody else understands our terminology as we do. For example, I recently spoke at a legal conference and one of the presenters was a digital marketing firm. After about 30 minutes of discussion on SEO, an attorney finally had the courage to ask, “What is this ‘SEO’ you’re talking about?” Since there’s a lot of news about businesses affected by cyber breaches and ransomware, I thought it would be a good idea to make sure we understand the meaning behind both.
1. Breach: Stealing Your Data and Your Customers’ Information - Think of your company’s connection to the Internet as your Internet front door. This is what a firewall is. A breach occurs when a criminal ‘picks the lock’ on your front door to gain entry. Another type of breach occurs when the criminal disguises themselves as an innocent party and an employee invites them past the Internet front door. This happens through a phishing email, such as a fake UPS shipping attachment or a fake IRS demand attachment. Once inside your company, the criminal can sit and watch all activity. The average time before they are discovered is over 200 days. That’s over half a year! They steal anything of value. This is a very lucrative criminal enterprise, but it’s labor intensive. What’s a good criminal businessman to do in this situation to improve revenues? Automate!
2. Ransomware: Holding Your Data Hostage - The criminals were raking in money from breaches, but it wasn’t enough. In 2013, the criminals automated their theft in a new way called ransomware. This is a process by which your data is made unusable until you pay the criminals a ‘ransom.’ This is money you certainly didn’t put into this year’s budget. They have automated this theft so well that the cost to businesses has grown from $24 million in 2015 to $1 billion in 2016 to $5 billion in 2017. What’s worse, paying the ransom is no guarantee your data is made usable again. In 25% of the cases reported, your data is gone forever. Oh, did I not mention they target your backup too? These ransomware landmines are found on previously safe websites that have been hacked, in attachments to phishing emails, and even packed into free apps for your phone or desktop. Criminals have now combined the two: some types of ransomware in 2017 breach and take your data before they ransom it. Truly evil.
Both approaches can devastate your company and potentially your reputation. Smaller companies can be particularly at risk as they don’t have a dime to spare on this type of theft. If they don’t steal your money, a successful attack will still bring your work to a grinding halt while you recover from the attack. This is no small task and will likely take hours if not multiple days. For this reason, our firm recommends the best backup and business continuity protection available. You’re NOT spending everyone’s bonuses on this technology, but rather protecting everyone’s bonuses. You can’t get a bonus if you aren’t working.
We are cyber security & ERP integration advisors in central Indiana with over 25 years of experience supporting small to medium-sized businesses. Founded by a CPA & Sophos certified security engineer/architect, Secure ERP is dedicated to our clients’ cyber security & growth objectives. We are a certified TRAVERSE consultant firm and also work with SYSPRO ERP.
About the author, Rick Rusch | Cyber Security Evangelist
For over 25 years Rick has helped companies utilize technology safely & productively. Recognizing the dangers of the Internet age several years ago, Rick has passionately focused on cybersecurity to help clients guard their reputations & their most precious asset, their digital data.
Another version of this blog was previously posted on SecureERP Inc's Blog