和你的生意一样,犯罪分子也开始数字化了
It doesn’t take much to trigger memories of a bygone era – when business was done with a handshake, 一个人的话就是他们之间的纽带. 也许, 作为一个企业主, managing the day-to-day responsibilities of a company has never really been easy, per se; but, it’s a pretty safe bet that the generations that have come before didn’t have to deal with the heap of rules, 今天你要面对的法规和数字威胁. And while these particular challenges can be enough on their own to overwhelm even the most seasoned business owner, now you have to worry about criminals from half a world away gaining access to your company’s vital information and holding it for ransom. 这真的足以让任何人渴望“过去的好时光”.”
听...... 集238”,网络安全 & “covid - 19后重返地球生存”,在意图电台播放,意图 & 协会获奖播客.
新时代带来新威胁
不幸的是,时代变了. 这些天, business owners have a ton of challenges on their plates – from delivering top-notch customer service, 管理复杂的资产负债表, 争夺顶尖人才, 最大化效率, 在全球市场上竞争, 是的, even securing essential company and client data from criminals who are looking to exploit your business for a quick buck.
The digital threat is real and not only is it proving to be catastrophic to the largest of companies out there, cybercriminals have been very successful in their efforts to infiltrate the digital networks of small- to mid-sized businesses. 事实上, 当地企业主Duane Erb说, 柏林Erb炉灶中心的老板, 俄亥俄州, recently sought out assistance from the cybersecurity and data protection services team at 意图 & 比较靠谱的赌博软件 after his company fell victim to a Ransomware cyber-attack that effectively stalled his company’s operations for about 10 days.
Ransomware is a type of malicious software (also known as malware) designed to give a criminal access to your data while threatening to publish it on external malicious websites for additional financial gain – unless, 这是, 支付赎金. 这种类型的攻击不仅会带来巨大的财务风险, but it’s also a serious liability as the information most likely includes confidential information about employees, 客户, 以及整个公司.
There are two main types of Ransomware with several variants out there in cyberspace.
- “Crypto” Ransomware is designed to encrypt valuable files on a victim’s computer so that the victim no longer has access to them.
- “锁”勒索软件有效地锁定了受害者的服务器, 工作站, 笔记本电脑或设备, preventing them from accessing their own business’s sensitive data through encryption.
What’s worse is that both types of Ransomware have evolved over the years and, 今天, 有成千上万的变体, many of which are un-crackable by even the most tech-savvy professional. 在某些情况下, even federal authorities do not have the ability to reverse engineer these modified versions of Ransomware.
勒索软件已经变得非常复杂. It is being built inside applications such as email and other vulnerabilities within company networks and information systems. Often times all it takes is for you or an employee to click on a link within a fraudulent email to execute the malicious code. 一旦发生这种情况, 勒索软件附着在本地信息库上, 例如文件和/或备份服务器, 客户数据库或财务系统.
The threat to Erb’s business occurred even though the company had already established information security controls. 幸运的是, 他迅速采取了行动, which allowed 意图’s cyber team to quickly and efficiently respond to the event. 但厄布并没有放松警惕. 袭击发生后, 他还建立了额外的安全措施, 包括雷亚的网络团队的持续监控.
Click here to check out this on-demand webinar: “What Is Life After Coronavirus? 网络风险 & 远程办公.”
风险依然存在
The primary objective of the cybercriminal is to get their victim to pay a ransom. So, naturally, they will promise to restore the company’s data once the ransom is paid. Just remember that they are criminals and it’s in their job description to say and do whatever it takes to get their way. 即使你答应了他们的要求, there is absolutely no guarantee that you will get your data back or that they will unlock your systems and never “attack” again. There are many cases of cyber attackers asking their victims for a little bit of money at first to generate trust. 然后, 一旦网络罪犯知道你愿意按他们的规则办事, 他们会把你当作一个容易对付的目标,然后继续勒索更多的资金.
Surveys have found that an estimated 80 percent of small- to mid-sized businesses have already been compromised by Ransomware within the last 18 months. Of those that have been attacked, only 20 percent have come forward to report the incident. These numbers prove that a cybersecurity strategy and framework within small- to mid-sized businesses is absolutely essential.
如何减少威胁
More often than not, cybersecurity tends to fall pretty low on a business owners’ list of priorities. It isn’t until the threat is staring them in the face that they take action. 然而, because malicious software can be programmed to hide deep within your system until the timing is just right, 很有可能你的网络已经被入侵了. 另外, 就像大多数其他旨在防止麻烦发生的服务一样, 从勒索软件攻击中恢复的成本(如果可能的话), is substantial compared to what it would have been if preventative measures would have been put in place early on.
Surveys have found that an estimated 80 percent of small- to mid-sized businesses have already been compromised by Ransomware within the last 18 months. Of those that have been attacked, only 20 percent have come forward to report the incident. These numbers prove that a cybersecurity strategy and framework within small- to mid-sized businesses is absolutely essential.
开始你的网络安全之旅的最好的地方是 联系一个值得信赖的商业顾问 to talk about the risk cyber threats place on your business in more detail. 记住“约翰的汽车车身”很重要 & Collision” will have a very different approach to cybersecurity than a company 这是 required to follow regulatory frameworks and guidelines. So it’s important to work with specialists who can build a customizable and scalable solution that makes sense for your unique organization.
By 特拉维斯·斯特朗,CISA (伍斯特哦)
Looking for more insight to help you protect your business from cyber criminals? 看看这些资源:
[ARTICLE] Passwords: Turns Out We’ve Been Doing It Wrong This Whole Time