Category: Cybersecurity

For business owners of all sizes, cyber threats are a real concern. Data breaches, malware, ransomware, and other cybercrimes are all too common. In fact, according to Internet Crime Report released by the FBI, the number of cybercrime complaints rose by 7% in 2021 with total money lost increasing by a whopping 64%.

Cybercriminals stole nearly $2.4 billion by hacking email accounts at businesses mostly due to the increase in remote work over the last two years. Unfortunately, for many organizations, especially small businesses, coming back after a financial loss can be challenging if not impossible.

In the event of cybercrime, some businesses may benefit from cybersecurity insurance. Cybersecurity insurance generally covers a business’s liability for a data breach or other cyber incident. Essentially, it helps reduce the financial loss incurred when a fraudster infiltrates an organization.

Not all cybersecurity insurance is the same, and it doesn’t cover every financial risk associated with a cybercrime. Let’s take a look at the different types of coverages available, what is excluded, and the types of businesses that may benefit from cybersecurity insurance.

Types of Cybersecurity Insurance

When a business is the victim of a malicious cyber event, there are many different assets at risk. Their personal information, privacy, and operations can be affected, and sensitive customer data such as social security numbers, bank routing numbers, and more can fall into the wrong hands. Depending on the type of attack, different types of cybersecurity insurance can minimize the damage.

First Party Coverage

First party coverage protects a company’s data including both customer data and employee data. If a company has first party coverage, the policy will generally cover the cost of legal counsel, recovery and replacement of data including customer information, customer notification and call center services, lost income caused by business interruption, public relations, and more.

Third Party Coverage

Third party coverage, unlike first party coverage, protects an organization from liability if another party brings a claim against the company. Coverage includes payments to consumers affected by the incident, claims, and settlements related to lawsuits, losses related to trademark infringement or defamation, costs for litigation, and accounting costs.

Privacy Liability Coverage

One of the most common repercussions of a cyber attack is the loss of personal customer data. With privacy liability coverage, a business will be financially protected in the event their customer data falls into the hands of a cyber thief. The policy typically covers financial losses associated with attorney and court fees for legal proceedings, settlements, and court judgments, and regulatory fines.

Network Security Coverage

Network security coverage includes claims arising out of a breach of a company’s network and data storage. Some policies cover both online and offline information, denial of service attacks, and the failure to prevent a virus or malware from infecting the network. Coverage may include costs associated with notifying customers of a breach, credit monitoring, data restoration, call center fees, IT forensics, and legal fees.

Technology Errors and Omissions

Errors and omissions coverage (also called E&O coverage) protects an organization for cyber risks that prevent delivering services to clients or fulfilling contractual obligations. E&O coverage is similar to product liability coverage for companies that sell physical or digital products. Like other forms of cybersecurity insurance, E&O coverage will help minimize costs related to court fees, informing customers, and other first party claims. E&O does not extend to third party claims against a company.

Network Business Interruption Coverage

When a cybercrime affects an organization, one of the biggest casualties is the interruption of business. Network business interruption coverage helps businesses who rely on technology to keep operations going. This coverage can be used to deflect the costs of fixed expenses, lost profits, and extra costs when a company is “offline” due to a cyber attack.

Cybersecurity Insurance Exclusions

Cybersecurity insurance policies are fairly new within the last five years, and insurance companies are constantly adjusting what is covered – and what is not covered – with a policy. Nearly all types of cybersecurity policies have exclusions that business owners should be aware of.

Generally, a policy doesn’t cover:

  • Property Damage: Cybersecurity insurance usually only covers financial damages and excludes property damage losses. If a computer network is fried, for example, and needs to be replaced, the cost would not be covered by the insurance policy.
  • Intellectual Property: Intellectual property losses are not included in cybersecurity insurance coverage. In order for intellectual property to be covered, a business would need intellectual property insurance.
  • Self-Inflicted Crimes or Cyber Incidents: This may seem obvious, but absolutely no cybersecurity insurance carrier will issue a policy that protects a company that is involved in a crime related to a cyber attack.
  • Potential Future Profit Loss: Unfortunately, cybersecurity insurance doesn’t cover future profit losses. This is why it’s important to recover quickly from a cyber attack and resume business operations as soon as possible.
  • Cost of Technology Improvements: After a cyber incident, companies may want to invest in updating information technology security systems as part of their risk management process. Cybersecurity insurance does not cover this investment.

Who Needs Cybersecurity Insurance?

If you own a business, you may wonder if cybersecurity insurance is a good investment. The answer is “maybe,” depending on the type of business, what data you store about your team, customers, and operations, and whether or not you are poised to recover quickly after a cyber attack.

While there is no clear line about who should get insurance and who can opt-out, the types of businesses that may benefit from cybersecurity insurance include:

Businesses That Store Important Data

If your company stores sensitive business data such as phone numbers, social security numbers, credit card numbers, and bank account information, you are likely a target for cybercrime. Cyber thieves specifically target organizations who store large amounts of personal data and will go to extremes to get it.

If your business is storing your own financial data and personal customer data, first party coverage may be a good option. A real world example is if your company is the victim of ransomware, where a cybercriminal is holding your data hostage for a financial payout, the policy would likely pay out the ransom so you can recover the data. With all types of insurance, though, each policy is different and may have exclusions.

Businesses with a Large Amount of Customers

Have a business with a large customer base? Cybersecurity insurance may be a good investment. One of the necessary steps after a data breach is to inform your customer base. In fact, notifying customers is often required by law. Costs associated with this process – call centers, direct mail, etc. – can easily skyrocket. First party coverage can help deflect those costs.

High Revenue Businesses

Businesses with high revenue and valuable assets may be good candidates for cybersecurity insurance, particularly if the insurance premiums are lower than the combined value of the business. A cybersecurity insurance policy can greatly reduce the financial risk for this type of business.

For a small business with a low annual revenue, the cost of a policy may not be justified. It all depends on the projected cost to recover from a cyber attack versus the cost of the annual premiums.

Unsure if a cybersecurity insurance policy makes sense for your business? We understand – it’s a fairly new type of business insurance and can seem confusing. Before signing up for a policy, or walking away from one, consult with a cybersecurity team like Everound.

Cybersecurity Services for Central PA Businesses

Everound is a full-service managed IT services provider that helps businesses with their IT operational needs. Our team of experts can help you determine if cybersecurity insurance is a good fit for your business, and even help you procure a policy.

We can provide a free cybersecurity assessment to determine your risk for a cyber attack. Our assessment looks at your email security, network security, and endpoint security and offers cybersecurity improvement measures to reduce your risk.

Interested in learning more with a no-obligation consultation? Contact us today to get the conversation started.

Phishing scams are nothing new and are one of the biggest cyber threats to a business. According to Proofpoint, more than 80% of companies were targeted by phishing cybercriminals in 2021. Do you know how to spot phishing attempts at your organization?

Understanding the different types of phishing strategies is the first step to stopping them from infiltrating your organization. Let’s examine the different types of phishing attacks, ways to spot them, and how to block phishing emails.

Types of Phishing Attacks

What is phishing? Phishing is an email or text message scam that tricks users into providing personal information either by clicking on a link or opening an attachment. The emails or text messages appear to come from someone the recipient trusts, either a supervisor, colleague, or in some cases, a family member.

Not all phishing attempts are the same, and there are several different ways a cyber thief can deploy a phishing attack. The most common types include:

  • Deceptive: Deceptive phishing is the most common type of scam. In this method, attackers impersonate a company the user is familiar with to steal personal information or data. The emails may look real and even include legitimate links to trick the user into falling for the scam.
  • Spear: Spear phishing is a more targeted type of a deceptive phishing attempt. With spear phishing, the criminal will specifically target an individual with personal information they can find on the Internet. A spear phishing email may contain the user’s full name, place of employment, job title, email address, and even specific information about their role at their company.
  • Whaling: Whaling is similar to spear phishing, however, targets senior leadership such as the C-suite. With whaling, scammers impersonate the CEO, CFO, or another high-level team member with the hope the recipient will “follow orders” from a superior. The requests are typically to complete a financial transaction or respond to the email with personal information.
  • Smishing: Smishing is a type of phishing attack that uses text messaging rather than emails, but the goal is still the same – to get a user to click on a malicious link or provide personal information. Many phishing criminals will send text messages disguised as a bank and claiming there was suspicious activity with the user’s bank account or credit card.
  • Vishing: Vishing is much the same as smishing, however, the platform switches to a phone call rather than a text message. Senior citizens are particularly at risk for vishing attacks. The caller will pose as someone in an authoritative position to be able to obtain bank account numbers, credit card information, and more.
  • Pharming: As users have become more aware of email phishing, fraudsters have changed their strategy to include pharming. With pharming, users are redirected to a fake or “spoof” website that essentially appears to be a real website. The fake sites are designed to capture a user’s personal information such as their social security number, website credentials, account numbers, and more. Pharming is implemented when the hacker sends malicious code in an email that redirects traffic to the fake website.
  • Angler: Angler phishing is a fairly new type of phishing attempt that targets social media users, particularly ones who are frustrated with customer service at a financial institution. The cybercriminal will pose as a customer service rep for the company and respond to a complaint using a handle that includes the name of the institution. The fake account will attempt to “resolve” the complaint and ask the user to click on a link to talk to an agent. Once the link is clicked, the fraudster can install malware on the user’s computer or steal business data.

While there are different methods of phishing, they all share the same goal. The email (or text message or phone call) may ask for a password, billing information, credit card numbers, or other sensitive data. Once the information is shared, hackers can infiltrate a company’s network and steal information or deploy malware. Phishing is a real risk for all sizes of organizations, from small businesses to large enterprises. If you are concerned about phishing attempts at your business, a cybersecurity team like Everound can help.

How to Spot Phishing Attempts

how to spot phishing attemptsIt’s more than likely that you have been the target of a phishing attempt either at work or at home. Were you able to spot it as suspicious? There are “red flags” to watch out for when determining if an email is real or a phishing attempt.
Here are ways to spot a phishing attempt:

  • Unfamiliar tone: Does the email from your friendly coworker down the hall come off as cold and monotone? Chances are, the email is a phishing attempt. Hackers don’t understand tone very well and some phishing emails are even written by bots. If the content in an email feels a little “off,” make sure you verify the sender actually sent you an email.
  • Spelling and grammatical errors: Most email platforms have a built-in spell check feature for outbound emails. If an email contains several spelling and grammatical errors, it may be a phishing attempt.
  • Inconsistencies with an email address, links, or domain: Another easy way to spot a phishing attempt is to look for inconsistencies with the domains in email addresses or links. For example, if you hover over a link in an email from your “bank” and the URL doesn’t contain the bank name or trusted domain, that’s a huge red flag.
  • Threats or a sense of urgency: Threats or a sense of urgency are often used in whaling. Your “CEO” may be busy in a meeting and ask you to quickly take care of sending a payment to a vendor. If you receive an email that feels out of character, is threatening, or creates a sense of urgency that is uncommon at your business, this is likely a phishing attempt.
  • Suspicious attachments: Attachments sent via email should always be opened with caution. Attachments can contain harmful viruses and malware that can infiltrate an entire organization quickly causing financial damages. If you receive an email with an extension such as .zip, .exe, .scr, etc., or another unfamiliar extension, be very cautious about opening it. Check with the sender by phone to see if they sent you a safe attachment.
  • Odd request: Did you get an email with a request to do something that is not within the normal scope of your job at work? Or perhaps an off-hours text message from your “boss”? Did your IT team send an email with an attachment and you weren’t expecting it? Odd requests are a sign of a phishing attempt.
  • Short and sweet: Some phishing emails are full of content and detail, and others are short and sweet. If you receive a message with a short note like “Per your request” or “As a follow up…” however didn’t request or need anything from the user, do not click on any links or open the attachment.
  • Request for a password or other sensitive information: This is by far the easiest way to spot a phishing email – when the requestor asks for a password or other sensitive information in an email. Passwords, bank account information, and personal data should never be shared via email. A savvier attempt is to send the user to a fake landing page and ask the user to enter their credentials. Remember – banks, financial institutions, and other reputable companies you do business with will not request your credentials via email or their website.

Learning how to spot phishing emails can reduce your risk of a data breach or other cyber threat. Phishing emails are always a little bit “off” and are suspicious. If you are unsure if you can tell the difference between a real email and a phishing scam, working with a cybersecurity team can help.

How to Block Phishing Emails

The first line of defense against phishing emails is learning how to spot them. Your information technology team is likely also implementing several strategies to block phishing emails all together.

How can you block phishing emails?

  • Security awareness training: Phishing attempts all rely on one thing – human interaction. You can reduce your threat and risk of being a target of phishing emails by implementing regular security awareness training at your organization. There are also phishing simulators that can send suspicious emails that are actually harmless to see if employees would fall for a phishing scam.
  • Anti-spam, anti-malware, and anti-phishing software: There are several cloud service software packages that include anti-spam, anti-malware, and anti-phishing support. This technology can identify and stop phishing emails before they even get to a user’s inbox.
  • DNS authentication services: DNS authentication services that include SPF, DKIM, and DMARC protocols help prevent fake websites (spoofing) and impersonation. With DNS authentication, users are blocked from visiting sites that are flagged malicious by the software.
  • Anti-impersonation technology: One of the cornerstones of phishing attacks is the criminal’s use of impersonation. Anti-impersonation technology scans inbound emails and detects abnormalities in headers, domains, and suspect body content.

Cybersecurity Services from Everound

At Everound, we make it our business to protect our clients from phishing and cyberattacks. As a managed IT services provider, we offer comprehensive cybersecurity solutions to protect organizations from phishing, data breaches, dark web threats, malware, viruses, and more.

Unsure if your business is protected and able to sustain a cyber threat? Reach out today for a free cybersecurity audit. We will take a look at your current IT infrastructure, assess vulnerabilities, and work with you to come up with a robust cybersecurity plan. Let us focus on your IT, so you can focus on your business.

When it comes to protecting your data online, you can never be too cautious or safe. The building blocks of online cybersecurity begin with strong passwords and two-factor authentication (2FA), however nothing is failsafe. Strong passwords can be hard to remember if you aren’t using a password manager, and 2FA can still result in data breaches.

That’s where a hardware security key comes in. Hardware security keys provide an extra layer of protection when you are online. With a security key, no one can access your accounts unless they have BOTH your password and the physical security key.

Should you use a hardware security key for your business? Let’s take a deep dive into what a hardware security key does, the pros and cons of using them, and what are the most popular security keys on the market today.

What is a Hardware Security Key?

A hardware security key is a way to secure your computer without having to rely on a password. Hardware security keys (also called security keys, U2F keys, or physical security keys) work in a similar manner to 2FA and multi-factor authentication.

Instead of receiving an SMS text message, email or notification on an authenticator app with an authentication code, the way you use a hardware security key is similar to how a regular key functions. You insert the key, usually the size of a thumb drive, into the USB port of your computer and that’s it — no need to enter anything else from that point on.

Security keys house a small chip with the security protocols and codes that allow it to connect with servers, websites, and apps and will verify your identity. Security keys essentially ‘communicate’ with the server and confirm you are who you say you are. The keys support an open-source universal standard called FIDO U2F, which was developed by Google and Yubico for physical authentication tokens.

You can think of a hardware key just like a hotel room key. When you visit the front desk to check-in, the front desk associate codes your key to your room. Once you insert the key into the door, the data on the key tells the locking mechanism you have permission to enter the room. Hardware security keys work in the same way.

Pros and Cons of Hardware Security Keys

As with most things in life, there are pros and cons to using a hardware security key. How do you know if they are a good choice to enhance cybersecurity at your business? Here are several points to consider:

Pros:

  • Convenience: Hardware security keys are incredibly easy to use. Most people working at a company in a role where they are required to use a computer are familiar with USB ports. Plus, you don’t need to install any extras like software or drivers and most people find hardware security keys are easier than using a password manager.
  • Hassle-Free Recovery: Even if you lose your hardware security key, you don’t need to worry about being locked out of your accounts. Hardware security keys have a fallback number or code you can use until you can acquire a new key. Just be sure to keep your backup code in a safe place.
  • Security: Hardware security keys are one of the most secure ways to protect your data. They cannot be reverse-engineered or intercepted and are a reliable choice.
  • Phishing Proof: Even people who are aware of cybercrime and are cautious online can fall victim to phishing. Hackers are savvy and can lure users into sharing their passwords or online credentials. With hardware security keys, this risk is eliminated.

Cons:

  • Cost: Even though hardware security keys are relatively inexpensive, costs can add up for a large organization. Considering the costs of a cyberattack can reach tens of thousands of dollars for a small business, the cost of hardware security keys is a justified expense.
  • Time/Learning Curve: Change can be a barrier to trying something new and different, particularly at an organization that hasn’t intentionally focused on cybersecurity. Hardware security keys, although easy to use, make take some time to be adopted by team members.
  • Risk of Being Lost or Misplaced: Because of their size, hardware security keys can be misplaced or lost. A good way to keep track of your key is to attach it to your car keys or another keyring. After all, it is a ‘key’ and can be stored alongside other more traditional keys.
  • Not Universally Supported: Most major websites support hardware security keys, but not all. While the technology is being rapidly adopted, some sites may not support them.

Best Security Keys on the Market

There are many hardware security keys on the market today for both business and personal use. Here are a few of our favorites for businesses that work with sensitive data like financials, customer information, and other highly confidential data.

  • Yubico Security Key Series: The Yubico Security Key series is compatible with most of the online services that businesses use, including Google, Microsoft, Twitter, Facebook, GitHub, and Dropbox. It’s available for USB-C ports as the Yubico Security Key C NFC and for USB-A ports as the Yubico Security Key NFC. The Yubico Security Key series is also affordable at approximately $25 each, making it a budget-friendly choice for businesses.
  • Yubico YubiKey 5 Series: The YubiKey 5 series is a step up from the Security Key series and supports a wider array of security protocols and is compatible with more online accounts. It also has more connection options including USB-A, USB-C, USB-C with NFC, and a dual-headed USB-C and Lightning-port model. Because this is an upgrade and provides additional features, the investment is higher at $45-$70 each, depending on which model you choose in the series.
  • CryptoTrust OnlyKey: OnlyKey has a few interesting features that other hardware security keys lack, notably an onboard keypad that is used to enter a PIN, and a password manager. It supports several methods of two-factor authentication including FIDO 2 U2F, Yubico OTP, and TOTP. Other features include encrypted backup, self-destruct (which wipes the device after a certain number of incorrect PIN attempts), and the ability to update the firmware in order to access new features. The price for the OnlyKey is around $45.
  • Kensington VeriMark: The Kensington VeriMark is FIDO U2F certified and offers a good balance of protocol support, cost, and most importantly, fingerprint scanning. The fingerprint technology combines biometric performance and 360° readability with anti-spoofing protection. The investment for this hardware security key is around $50 each.

Put Our Security Expertise to Work for Your Business 

As a managed IT services provider, Everound has the expertise and experience to help you protect your business data from cyber threats. While not every business may need to invest in hardware security keys, it makes sense for companies that deal with sensitive customer data, financial records, and any information that could be tempting to steal.

If you are unsure if hardware security keys are a good fit for your business, reach out today for a free cybersecurity assessment. We can take a look at your network infrastructure and business processes to assess how vulnerable – or secure – your business is from a cyberattack.

Our cybersecurity assessments are free and there is no obligation to engage in our services. Complete our online form or give us a call to learn more. Let us focus on your IT so you can focus on your business.

Still using ‘password’ as a password? Even if you aren’t, some of your colleagues may be a bit lax with their password management. Considering 61% of data breaches involve login information being compromised, password security should be a top priority at a business.

Password security is sometimes an overlooked area at a company but can be easily addressed by incorporating a password manager into your IT best practices. Password management software can not only help reduce security risks but it can also decrease the amount of time your team spends on password recovery and downtime.

Let’s take a look at the risks associated with password security, the benefits and features of a password manager, and a few of our favorite password managers that can be implemented in a business setting.

Password Security Risks

Cybercrime is not just a hobby anymore for hackers sitting in a basement. Cybercrime is a lucrative career for hackers – they know if they can get access to company data, they can sell it for a hefty price. One of the most targeted assets for a hacker is user passwords.

Password security risks include:

  • Phishing/Sniffers/Keyloggers: One of the easiest ways for a hacker to get your password is for you to simply tell them. Hackers try to trick users into typing their passwords into a website they control (phishing), infiltrate unencrypted networks (sniffing), and tracking keystrokes either through hardware or software loggers (keylogging). These strategies are clever – and easy – ways for someone to access your passwords.
  • Weak passwords: People are predictable, but passwords shouldn’t be. When users choose predictable passwords that include public data like their children’s names and birthdates, or their middle name, or something easy to crack (password1234!), they are at risk for a cyber-attack.
  • Reuse of passwords: A Google survey found that more than 50% of users reuse their same password across multiple – if not all – accounts. When a hacker finds one password that works on an account, chances are they will try it across other platforms.
  • Compromised passwords: Once your password has been cracked by a hacker, there is a risk your password will end up online in a data breach. Once a hacker has your info, they can sell it on the dark web or include it in an intentional data leak. Compromised passwords should be changed immediately.

We understand choosing – and using – strong unique passwords can feel like a nuisance. After all, the average user has more than 100 different accounts that require a password for access which can be hard to manage without help. This is where the benefits and features of a password manager can be beneficial.

Benefits and Features of a Password Manager

A password manager is a cloud services software application designed to store and manage online logins and passwords, as well as other sensitive information like credit card numbers, frequent flyer information and private data. Passwords and other data are stored in an encrypted database and are only accessible to the user.

Features and benefits of a password manager include:

  • One password for everything: When using a password manager, you only have to remember one password – the password you choose to access your database. This is one of the main benefits of using a password manager as you don’t have to rely on a notebook or your memory to be able to log in to websites or applications.
  • Automatically generated passwords: Having a tough time thinking of a strong password that contains numbers, letters, and special characters? It can be tough to get creative with passwords! With a password manager, passwords are automatically generated in a way that avoids recognizable patterns. When utilizing this feature, it also prevents you from using the same password across multiple websites and applications.
  • More secure than other methods: Storing your passwords in a spreadsheet on your computer? If someone gets access to that spreadsheet, they can really do some damage. Password managers provide extra security than every other way of saving passwords (especially the old ‘write it on a Post-It note’ method).
  • Works across all devices: Depending on which password manager you choose, you can use your password manager across different devices including your computer, tablet, cell phone, and laptop. If you change your password for a website on your desktop, it will automatically replicate to the rest of your connected devices.
  • Can share with a trusted person: While passwords are meant to be kept to yourself, there may be instances where you want to share your credentials with a trusted person. If you are injured or ill and unable to access your accounts on your own, a password manager can help. Some password managers can even limit what your “trusted person” can see. For example, employees can share only their relevant work credentials with their employer and still keep personal data private. For business owners, this can be important if you have an employee out on medical leave or away from work for an extended period of time.

Top Password Managers

There are many password managers available for both business and personal use with common and unique features. Here are our favorites for enterprise password management solutions:

  • 1Password: 1Password makes it easy to store and sort your logins in a secure vault. 1Password offers secure sharing, custom groups and roles, account recovery, end-to-end data encryption, and customizable access polices for businesses. 1Password is also a good choice for personal use with family sharing plans available.
  • Bitwarden: Bitwarden is an open-source password manager for both business and personal use. Business features help companies share private data safely with coworkers, across departments, or with the entire company.
  • LastPass: LastPass is a good choice for organizations with team members who may be unfamiliar with password managers. Features include a comprehensive real-time reporting breakdown of employee password health for managers.

Put Our Cybersecurity Expertise to Work for Your Business 

Not sure which password management solution is right for your business? We can help you identify which product will work for your specific needs. With more than three decades of combined experience, our team of IT experts understands the importance of password security as one part of an overall cybersecurity plan.

As a full-service managed IT services provider, we focus on your information technology needs, so you can focus on your business. Reach out today to start a discussion about your IT needs, including adding a password manager and password security program at your business.

When you think of a patch, your first thought may be of a patch for a ripped pair of jeans. Once applied, the patch extends the life of the garment and covers up a vulnerable, worn area. In the information technology world, a computer patch functions in much the same way as a piece of fabric on a torn pair of jeans. A computer patch is a modification to a software program that is intended to improve security or performance or fix a bug or issue. It helps to repair an exposed flaw.

Computer patches are an integral part of keeping your information technology infrastructure operating smoothly and protecting your data from cyberthreats. What are the different types of computer patches and how do you find and install them? Let’s take a look at the most popular patches, how to find them, and what the consequences are for not patching regularly.

Types of Computer Patches

Over the course of a software program’s lifespan, it will run into “bugs.” A bug is a coding error in a computer program that can create a vulnerability. A patch is a software update that provides an immediate fix to a bug and allows the software developer to work on the issue for the next release of the software.

There are different kinds of computer patches available including:

  • Point Release: A point release patch from a software company is usually a minor update. Point releases correct bugs and feature minor enhancements to a program as opposed to adding to new features. The point release adds a decimal “point” to the software version number; for example, Version 4.2.06 and Version 4.2.07.
  • Security Patch: A security patch corrects errors in computer software code and addresses cyber vulnerabilities. Vulnerabilities are often discovered in the aftermath of a cyberattack and new security patches respond to the latest threats.
  • Service Pack: Service packs are bundles of patches released together and often contain new features in addition to bug fixes. Most operating systems and software programs provide service packs free of charge.
  • Monthly Rollup: Similar to services packs, monthly rollups contain multiple patches combined into a single update. Each rollup is cumulative, so users need to only install the latest rollup.
  • Hotfix: A hotfix, also known as a quick fix engineering update, addresses a specific issue found with the software. Hotfixes can typically be applied without restarting your computer. A hotfix is an update that cannot wait for a service pack or monthly rollup release.
  • Unofficial Patches: When a software product reaches its end-of-life (EOL), it is often no longer supported by the company that released it. Other developers may create their own patches to address bugs, but because these patches are not developed by the original developer, they are “unofficial.”

Computer patches can help keep your software running smoothly and protect your business from cyberthreats. Software patches are only useful, though, if you have a patch management process implemented. A patch management program outlines how your computer support team will find, download and install patches on a routine basis.

How Do You Find and Install Patches?

When patches become available, vendors will put them on their websites for downloading and installation. As part of your routine IT processes, check for updates at least once a month for installation to protect your business. Some cyber attackers will continue to target vulnerabilities long after patches are available, so it’s important to apply fixes monthly.

Some software will automatically check for patch updates, too. If automatic updating is available, take advantage of this service from your vendor. Automatic patches can contain critical fixes for security and usability.

Here are several tips to keep in mind when installing patch updates:

  • Only download and install patches from vendor websites. Never click on software update links in an email – this is a common phishing tactic used by cybercriminals.
  • Only install patches on a secure network. If you are attempting to install patches on a public network, use a VPN.
  • Microsoft, Oracle, and other software companies release patches on “Patch Tuesday.” Patch Tuesday occurs on the second Tuesday of the month, and sometimes the fourth Tuesday as well. Your IT team should be looking for these patches on a regular basis.

Consequences of Not Patching

If you are managing your business’ information technology needs on your own, you may be tempted to skip patch updates either because of time constraints or the process is outside your area of expertise. Skipping patch updates, though, can put your business at risk for:

  • Damaged Software: Nearly all software programs will experience a bug or issue at some point during its lifespan. A patch will help fix the bug and allow you to continue to use the software as intended. When you skip patches with critical fixes, the software can become damaged or malfunction. Patches are a great tool to keep your software at peak performance.
  • Security Risks: Cybercrime is at an all-time high, and one of the methods a criminal uses to access a company’s data is through a third-party application like software. Some malware can completely erase your data, or a cyber thief can install ransomware and lock your data behind a paywall. Patches can help you stay ahead of data loss and identity theft.
  • Loss of Compatibility: When users on a network have different versions of software, incompatibility issues can arise. When one has a patched version, and the other does not, sharing files can be challenging and cause inefficiencies.

While implementing a patch management program may feel overwhelming, the consequences of not doing so can be damaging. Patches should be a part of your regular information technology functions, either performed by your IT department or a trusted managed IT services provider like Everound. If you are not sure where to start with computer patching, reach out to us today for help.

Computer Patching Support with Everound 

Everound is a managed IT services company in Central Pennsylvania focused on helping businesses create operational efficiency through information technology. Our team can help your business develop a comprehensive patch management program to protect your business and its assets.

In addition to patch support, we provide other IT services including cloud services, cybersecurity, dark web monitoring, email security, hardware and software procurement, help desk services, IT consulting, business phone system design, and more. Let us focus on your IT so you can focus on your business.

Getting something for free sure is tempting. After all, why would you pay for something that is also available to you at no cost? The internet is full of free features – free maps, free music, free email, free messaging and for decades now, free antivirus solutions.

But can you rely on the free version of an antivirus app? Or should you invest in paid antivirus software? The short answer is – it depends. In most cases, the free version is enough to provide protection for personal use computers. Your home computer likely has some version of antivirus protection already installed.

But can you trust free antivirus programs for your business? Paid versions provide more comprehensive protection and can help you identify and stay ahead of viruses, malware, spyware, and other cybersecurity threats.

Let’s take a look at the different features available in free or paid antivirus apps, the top free programs available, and why antivirus protection is important for businesses.

Different Features of Free vs. Paid Antivirus Programs

Free Antivirus Programs

The main goal of a free antivirus program is to provide basic protection from a computer virus. A computer virus is a malicious piece of code that once unleashed onto your computer, can spread from device to device. While some viruses are designed to damage a device, others are meant to steal your data and personal information.

While different free software programs vary depending on the developer, the basic features include:

  • Anti-virus, anti-malware, and anti-spamming protection: Free antivirus software is developed to identify and remove viruses and malware and protect your computer against spamming. Because computer threats are constantly evolving, antivirus software developers will update the programs regularly.
  • On-demand scanning: Some free antivirus programs have on-demand scanning or scanning only when you start the application or upload data into your computer’s memory. The downside of on-demand scanning is it relies on the user to get into the habit of running it regularly.
  • Real-time protection: Other free antivirus programs have real-time protection. Real-time protection works by scanning data for viruses, malware, and spyware around the clock. With the ever-changing cybersecurity landscape, real-time scanning is recommended to catch a virus before it spreads.

Paid Antivirus Programs

Paid antivirus programs go above and beyond their free version counterparts and provide additional protection from viruses and other harmful computer threats. Paid programs offer additional features including:

  • Extra layer of protection: Some paid programs will be better at detecting new threats such as websites with malware.
  • Firewall protection: Some antivirus companies reserve firewall protection only for their paid versions. A firewall is a security network designed to protect your computer from malicious attacks.
  • Application control: Application control is a security technology that is built into some firewalls. This technology, which is often reserved for paid antivirus programs, protects devices from malicious code and also prevents the installation or use of unapproved applications.
  • Administrative control: Administrative controls help address the “human error” component of cybersecurity. Essentially, this feature allows the administrator to determine what users have access to resources on a network.
  • Webcam protection: Over the last few years, the use of webcams has exponentially increased. For companies with remote teams, webcam protection can be a critical component of overall cybersecurity. Some paid versions of antivirus programs include webcam protection.
  • Customer support: One of the biggest advantages of a paid antivirus service is access to customer service either through email, live chat, or the phone. Free programs usually send users to an FAQ section of their website, or they have to rely on crowdsourced answers to common issues.

Top Free Antivirus Programs

If you are working on a home computer and do not have multiple devices, a free antivirus program may be enough to protect you from most types of viruses and malware. The most popular and well known free antivirus programs are:

  • Microsoft Defender Antivirus: Microsoft Defender Antivirus, formerly known as Windows Defender, is a free antivirus protection program you’re likely already using if your operating system is Windows 10. This program offers solutions to manage how websites track your data and also gives you control over your privacy settings when browsing the web.
  • Kaspersky Security Cloud Free: Kaspersky Security Cloud Free offers full-scale malware protection along with some suite-level features. It gets superb scores from the independent labs, and it won’t cost you a penny.
  • Avast One Essential: Avast One Essential offers impressive free protection for your Windows boxes and somewhat reduced protection on macOS, Android, and iOS.

Why Antivirus Is Important for a Business

As a business owner, can you trust the free antivirus solutions offered to protect your computers and devices from malicious attacks? With new threats coming online every day, businesses can’t afford to leave their data and IT infrastructure vulnerable.

A number of cyber threats target businesses specifically, even small businesses. During the COVID-19 pandemic, remote work caused data breach costs to increase by $137,000 in the United States alone. Further, ransomware attacks such as the one on the Colonial Pipeline caused businesses to be at a standstill until the ransoms were met.

Cyber attacks can paralyze a business. For a modest financial investment into an antivirus solution as part of a larger cybersecurity plan, you can protect your business from threats.

Everound for your Antivirus and Cybersecurity Needs

At Everound, we specialize in internet security and cybersecurity solutions for businesses. With more than 30 years of experience, our team of cyber security professionals can recommend and implement antivirus programs and data protection strategies to help keep your information and your network safe from harm.

Unsure if your company is at risk? Reach out to us today for a free cybersecurity audit. We will take time to identify vulnerabilities and help you come up with a robust plan to protect your business. Let us focus on your IT, so you can focus on your business.

How to Choose the Right Firewall

When putting together a robust cybersecurity plan for your business, it’s critical to include adding a firewall to your plan. A firewall is a piece of hardware or software that is placed between your internal network and the external public Internet. A firewall is designed to stop malicious intrusions on your private network.

Which kind of firewall is right for your business? There are several different types of firewalls with different levels of protection. Let’s take a look at how to choose the right firewall by examining the different types, what you should consider when choosing one, and how Everound can help you choose the right firewall for your business.

Stop Malicious Intrusions

Types of Firewalls

There are many different types of firewall architectures and each works in slightly different ways to monitor the data coming in and out of your network. While this list is not inclusive of all types of firewalls, here are several common options to consider:

  • Packet filtering firewall: A packet filtering firewall is a network security technique that controls data flow to and from a network. It is a security mechanism that allows the movement of data “packets” across the network and controls their flow on the basis of a set of rules, protocols, IP addresses, and ports. Essentially, data passes through a network in the form of small pieces called data packets. These packets will only get through the firewall if they match the predefined filtering rules set in place.
  • Circuit level gateway firewall: Unlike a packet filtering firewall, a circuit-level gateway firewall does not inspect individual packets, but rather monitors the transmission control protocol (TCP) handshaking between the packets to determine whether a requested session is legitimate.
  • Application-level gateway (proxy firewall): An application gateway or application-level gateway (ALG) filters incoming node traffic to certain specifications which means only transmitted network application data is filtered.
  • Stateful inspection firewall: A stateful firewall, or stateful inspection firewall, keeps track and monitors the state of active network connections. It also analyzes incoming traffic and looks for potential data risks.
  • Next-gen firewall: A next-generation firewall (NGFW) combines a traditional firewall with other network device filtering functions.

Think of a firewall as the virtual wall that separates your internal data from external threats. Without an effective firewall in place, a network could be susceptible to malicious threats and data breaches. If your business isn’t protected by a firewall and you are unsure which kind is best for you, a managed services provider (MSP) like Everound can help you determine what considerations are important in your selection.

What Is Important to Protect?

Considerations When Choosing a Firewall

With several different options to choose from for a firewall, consider the following questions to find the best firewall to meet your needs:

  • What are your top threats? All firewalls offer a similar function – the monitoring of network traffic. How much network traffic do you have at your business? Are you sending and receiving large amounts of data? Are your employees at risk for accidentally opening a door to your network for malicious threats?
  • Does it have DoS/DDoS protection? DoS (denial of service) and DDoS (distributed denial of service) attacks occur when a network is flooded by a machine or a group of machines with malicious intent. Both kinds of attacks can paralyze an organization and opting for a firewall with DoS/DDoS protection can help prevent downtime and lost data.
  • Does it send attack alerts? Some firewalls send real-time alerts when there is a potential threat or breach. Real-time alerts can inform you of when an attack was prevented and when an attack is occurring. With real-time alerts, you can stay ahead of a cyberattack and minimize impact.
  • Are you planning on scaling your business? Some small businesses don’t feel they need cybersecurity protection like firewalls, especially if they only have a few employees. Small businesses, though, can benefit from a firewall especially when starting to grow. Although media coverage focuses on cyber threats to large businesses, small businesses are also at risk.
  • Do you have remote or telecommuting employees? One of the biggest spikes in cyberattacks occurred when remote work increased during the pandemic. If you have a remote team of employees, a software firewall can help you prevent unwanted access to your network.
  • Do you need ongoing support? Before choosing a firewall, ask if the manufacturer has ongoing support. Will they help with installation and integration or are they only selling you the firewall itself? If you need ongoing support, opt for a firewall manufacturer that offers a go-to support specialist.
Protecting Your Data and Organization

Firewall Services with Everound

If you are considering adding a firewall to your cybersecurity plan and are unsure of which type is right for your business, reach out to Everound for help. Our team of cybersecurity experts has decades of experience working with business owners to select and install a firewall solution.

Everound also offers managed IT services and can support your business on an ongoing basis for your information technology needs. Reach out today to start a conversation about cybersecurity best practices including firewalls for your business. We offer a free cybersecurity risk assessment and can recommend the best firewall to protect your network from malicious traffic. We focus on your IT, so you can focus on your business.

layers of the internetThere are more than one billion web pages on the Internet, and 4.8 billion people around the world use the Internet daily. But did you know that only 10% of websites on the Internet are indexed by Google, Yahoo, Bing, and other search engines and accessible to the general public? These websites are called the “surface web,” and the other 90% of websites are the “deep and dark web.” These are the layers of the Internet.

Think of the internet as the ocean, with the surface web as the top layer and visible for miles and miles. The deep web, then, is the deeper part of the ocean just below the surface. This is also accessible to people but requires a bit of work to access. The dark web is the very bottom of the ocean and is only accessible to a small number of people who know exactly how to get there and has the resources and time to do it.

Let’s take a look at what kinds of web pages are on each layer (surface, deep, and dark), and what that means to the general Internet user.

Easily Accessible Content

What is the Surface Web?

The surface web includes websites that we are all familiar with and likely access on a daily basis. This is the portion of the Internet that is readily available to the general public and searchable with standard web search engines like Google, Bing, and Yahoo. The surface web is also known as the “Visible Web.”

The surface web includes websites like:

  • Social media sites including Facebook and Instagram
  • Business websites such as Everound.com
  • Wikipedia
  • Online video sharing platforms like YouTube

Essentially, any website that appears after you complete a search on Google or another search engine is on the surface web.

Accessed Through Authentication

What is the Deep Web?

Unlike the surface web, the deep web is part of the Internet where the contents are not indexed by search engines. The deep web is only accessible with some sort of authentication – a password or other means to be able to view the data and information. Using the previous ocean analogy, a person needs to have a resource to go “below the surface.”

Why is information on the deep web harder to access? Without authentication, that information is at risk for public consumption.

The deep web contains sensitive information like:

  • Personal email accounts
  • Content on your social media accounts
  • Online banking and investments
  • Private online databases
  • Medical records and private health information
  • Content contained within scientific and academic databases.

A lot of what exists on the deep web consists of personal information that you wouldn’t want to turn up in a web search — like your social security number or credit card information. This is private and could be misused in a data breach.

Remember, if you must provide a username, password, or some other type of authentication, the information you access is on the deep web.

Intentionally Hidden on the Internet

What is the Dark Web?

The dark web IS a part of the deep web but cannot be accessed through traditional web browsers. The dark web is intentionally hidden on the Internet. Originally designed to share information and communicate by the US Military, the dark web is now accessed by others.

Accessing the dark web is not an easy task for the general Internet user. Regular browsers like Microsoft Edge or Google Chrome are unable to access dark web websites. The dark web uses what’s called The Onion Router (often referred to as Tor) hidden service protocol. “Tor” servers are undetectable from search engines and provide complete anonymity.

Although not all activity on the dark web is harmful, there is a growing population of cybercriminals that use the dark web maliciously and for illicit purposes. Some cybercriminals sell sensitive information on the dark web that can be used to exploit companies and can lead to identity theft. The dark web also is a place where some cyber attacks are planned.

Here are a few examples of what can be found on the dark web:

  • Stolen information: If a company experiences a data breach because of a cybersecurity failure, there’s a chance the stolen data may be up for grabs on the dark web. Other stolen information for sale includes login credentials and hacked Netflix and Amazon accounts.
  • Illicit substances: Believe it or not, you can find and purchase illicit drugs and toxic chemicals on the dark web. Prescription drugs are also available on the dark web.
  • Dangerous and disturbing images and information: Unfortunately, the dark web can be a dangerous and ugly place. Human trafficking, pornography, gore, and counterfeit goods have found a home on the dark web.

The dark web can be a marketplace for illegal behavior. Companies with a cybersecurity plan in place that includes dark web monitoring can stay ahead of cybercrime on the dark web. Employee information can be at risk – logins and passwords are prime data that can be sold and transferred on the dark web.

Website hackers, too, find ways to compromise company networks through the dark web. A dark web monitoring MSP (managed service provider) can help you keep track of any information that may be compromised.

Protecting Your Data and Organization

Cybersecurity and Dark Web Monitoring with Everound

As a cybersecurity expert, Everound can help monitor the dark web for your small business or corporate enterprise. Through a strategic, customized and intentional approach, our team of cyber experts will create a cybersecurity dark web monitoring protocol that includes:

  • Real-time alerts of dark web threats
  • Routine scan of dark web for your business information
  • Detection of compromised credentials including IP addresses, email addresses, and logins and passwords

Cybersecurity companies like Everound are experts at preventing cyber threats from infiltrating your business. With more than 30 years of experience, our team of cybersecurity professionals can recommend and implement data protection strategies and programs to help keep your information and your network safe from harm. Reach out today for your free cybersecurity risk assessment. We focus on IT so you can focus on your business.

In today’s highly volatile cyber environment, it’s important for business owners to have a clear, strategic approach to a cybersecurity risk management process. Managing cyber risk should be considered a priority for all business owners, regardless of size. While most media coverage focuses on cyber-attacks for large enterprise-level organizations, many small and medium businesses are also facing cyber-attack challenges.

Cyber-attacks are not random. In fact, if you know what to look for, there are usually signs of a planned or imminent cyber threat. Phishing emails and mentions of organizations on the dark web are both red flags that an organization is being targeted.

What should business owners do to stay ahead of potential cybersecurity vulnerabilities? The answer is the creation and implementation of a cybersecurity risk management plan. A cybersecurity risk management plan is the ongoing process of identifying, analyzing, evaluating, and addressing cybersecurity threats. The process is shared among an entire organization, not just members of the information technology team.

Because the cyber landscape is continually changing and new, sophisticated threats emerge daily, a risk management plan doesn’t completely provide a fail-safe for cyber threats. However, by establishing a risk management approach to cybersecurity, an organization can greatly reduce its risk by attending to the flaws, threat trends, and attacks that matter most to its business.

Let’s take a look at how to develop a cybersecurity risk management plan, the common cyber risk management frameworks, and the benefits of cybersecurity risk management.

Prepare Now. Save Later.

Developing a Cybersecurity Risk Management Plan

When developing a cybersecurity risk management plan, many organizations approach the process with a 4-step model. First, organizations should identify risk, then assess the likelihood of the threat or risk actually occurring and what is its potential impact. The third step is to identify appropriate risk mitigation measures, and the final step is an ongoing monitoring program that includes risk response and security controls designed to evolve to address a shifting cyber threat environment.

Let’s explore each step of the process in more detail.

Step One: Identify Cybersecurity Risk

An IT risk is essentially any threat to your business data, IT infrastructure systems, and overall business processes. It is the potential for an unplanned, negative business outcome that comes as a result of a failure or misuse of information technology. When considering what your IT risks are, think of how a threat can impact your business and what would the consequences be?

When identifying risk, start with thinking about the threats, vulnerabilities, and consequences of an IT failure. Document each before moving to the next step.

  • Threats: Threats are circumstances with the potential to affect an organization’s operations or IT assets negatively. This can occur through unauthorized access to IT information systems and can occur through human error, cyber-attacks, IT configuration failures, and even natural disasters such as a hurricane, tropical storm, or black out.
  • Vulnerabilities: What are the weaknesses in the information system, security procedures, internal controls or implementation from a threat? In addition to internal vulnerabilities, list the external weak points such as supply chains and vendor relationships.
  • Consequences: Consequences are any of the adverse results that happen when a threat exploits a vulnerability. What costs – both hard and soft – are at risk and would be a consequence if a cyber threat was successful? Some of the costs include revenue, destroyed or lost information, and customer trust.

Step Two: How to Assess Risk

After cybersecurity risks are identified and documented, the next step is to assess your level of risk to determine what level of cybersecurity measures should be implemented. Which risks are the greatest? Which have low consequences? Assessing risk can help you determine how to build your risk management plan.

For reach risk, conduct an impact analysis that includes:

  • Name all assets
  • Prioritize each asset
  • Identify all possible threats
  • Identify vulnerabilities
  • Determine the likelihood of a threat event
  • Conduct an impact analysis to estimate the cost impact

The results of your risk assessment will be a guide to inform risk management decisions and risk response measures in the future.

Step Three: Identify and Implement Cybersecurity Risk Mitigation Measures

Now that you’ve intentionally identified IT risks, how can you mitigate each risk to minimize the impact of a cyber-attack? Depending on the outcome of the previous steps, there are several options to help manage cybersecurity risk including:

  • Cybersecurity training: Most successful cyber-attacks are the result of human error. Cybersecurity training programs for staff and stakeholders is a great tool to help mitigate risk.
  • Updating software: Updating software is an important part of cybersecurity. Outdated software lacks patches if vulnerabilities are discovered and can fall prey to advanced cyberattacks. This poses several security risks, both due to human malice and the chances of information system failure.
  • Multi-factor authentication (MFA): MFA is a security feature that dramatically improves account security. MFA, also referred to as two-factor authentication, adds an additional layer of security to protect organizational data and assets.
  • Data backup: Data backups are an essential part of a cybersecurity risk management plan as they allow for data protection and recovery in the case of a successful attack. There are different strategies and resources available for data backup, most including cloud services.
  • Endpoint protection:  Every single device that is connected to your network is an entry point to your business. Endpoint protection works by examining files as they enter and leave devices on your network. An endpoint security system is a software program that is centrally managed by an administrator and tracks threats in real-time.
  • Dark web monitoring: Company email addresses, validation credentials, account information, and other important business data can be compromised or sold on the dark web. Adding a dark web monitoring service to your cybersecurity plan helps protect yourself from a data breach.

Step Four: Implement Ongoing Monitoring

After putting cybersecurity risk mitigation measures in place, most business owners have a false sense of security. After all, they’ve identified risks and put security measures in place – shouldn’t that be enough?

Unfortunately, cybercriminals and cybercrime evolves and change rapidly. Ongoing monitoring can help ensure internal controls keep up with changing IT risks.

Best Practices

Common Cyber Risk Management Frameworks

When building a cyber risk management process, there are several frameworks that help businesses adhere to industry and regulatory best practices. A cybersecurity framework provides a common language and set of standards for IT professionals in varying industries. Having a framework in place makes it easier to define the processes and procedures your business must take for cybersecurity.

Some of the most popular frameworks include:

  • NIST Cybersecurity Framework (CSF): Drafted by the National Institute of Standards and Technology (NIST), this framework addresses the lack of standards when it comes to cybersecurity across the private and public sectors. NIST CSF provides a uniform set of rules, guidelines, and standards for organizations to use across industries.
  • DoD Risk Management Framework (RMF): The Department of Defense (DoD) Risk Management Framework (RMF) is the set of standards that DoD agencies use to assess and manage cybersecurity risks. This framework can be applied to other industries and breaks down a cyber risk management strategy into six steps.
  • ISO/IEC 27001 and 27002: Created by the International Organization for Standardization (ISO), ISO 27001 and ISO 27002 are considered the international standards for validating a cybersecurity program. Companies can receive ISO certification by following the framework outlined.
  • FAIR: The Factor Analysis of Information Risk (FAIR) is a cyber risk framework developed by The Open Group to help businesses understand, measure, and analyze risk to help business leaders make well-informed decisions about their business risk and their cybersecurity practices.
Stay Ahead of Cybercrime

Benefits of Cybersecurity Risk Management

An intentional and strategic cybersecurity risk management program can reduce the risk of cyber criminals obtaining sensitive company information. There are countless benefits to a thought-out, intentional approach to cybersecurity including:

  • Phishing detection
  • Brand protection
  • Fraud protection
  • Sensitive data leak monitoring
  • Dark web activity
  • Automated threat mitigation
  • Minimizing supply chain risks

Unsure where to start with a cybersecurity risk management plan? A managed services provider (MSP) specializing in cybersecurity can help you create a framework to protect your business from cyberthreats.

Protecting Your Data and Organization

Cybersecurity Risk Assessment with Everound

Cybersecurity companies like Everound are experts at preventing cyber threats from infiltrating your business. With more than 30 years of experience, our team of cybersecurity professionals can recommend and implement data protection strategies and programs to help keep your information and your network safe from harm.

We offer a free cybersecurity risk assessment that can help you start developing your cybersecurity risk management program. We will take a deep dive into your potential security threats and recommend programs that can help you reduce risk. Reach out today for a free consultation. We focus on your IT, so you can focus on your business.

Ransomware attacks are on the rise and are making national and global news headlines and for good cause. In 2020, there was a 150% increase in attacks and a 300% increase in the amount of ransom paid. This increase does not appear to be slowing down either. To date, the amount of ransomware attacks in 2021 has surpassed all of last year. What is contributing to this increase?

While there are several factors that have contributed to the increase, one main reason was the immediate shift to remote work during 2020. Almost overnight, many businesses went 100% remote without a cybersecurity plan in place. Workers were utilizing their personal computers and laptops and logging on from home on unsecured VPN networks rather than connecting at the office through a secure network. Cybercriminals were able to exploit security weaknesses at both large and small businesses.

Do you know your risk for a ransomware attack at your business? Let’s take a look at how ransomware attacks have changed, who is at risk for an attack, and ways to reduce your risk.

More Sophisticated Attacks

How Ransomware Attacks Have Changed

When you think of a ransomware attack, you may think of a lone person sitting in a dark basement hacking into a company’s network trying to gain access to sensitive information. The hacker gains access to the company through phishing emails and once in the network, deploys malware that encrypts servers and sensitive company data. While this methodology still occurs, the entire process has evolved, is more organized, and is a massive, profitable business.

While there are still ‘lone wolves’ executing ransomware attacks, most data breaches occur at the hands of a group of sophisticated, strategic cybercriminals. These organizations, usually located in eastern Europe, are extraordinarily adept at infiltrating a company’s servers and planting ransomware. They extract as much sensitive company information as possible in order to demand ransom payments.

Another factor in the increase of ransomware attacks is ransomware-as-a-service (RaaS). Think of RaaS as a franchise model for ransomware attacks. Large-scale, organized groups of cyber criminals, such as DarkSide and REvil, franchise their capabilities such as encryption tools, communications, and ransom collections to independent hackers in exchange for a percentage of the collected ransom. This model has allowed ransomware attacks to be outsourced across the globe.

Is Your Business at Risk?

Who Is at Risk for an Attack?

Ransomware is a profitable business and ransom demands have escalated over the last two years. It’s no surprise that attackers are targeting large organizations who are likely to pay a ransom rather than have their business frozen for more than a day or two. Several different industries have been targeted recently including healthcare and critical infrastructure. The highly visible Colonial Pipeline attack crippled the company and the fuel supply chain on the East coast.

While large-scale ransomware attacks have made the news, there are many more that do not make national headlines. Small organizations are also at risk for an attack, especially by bots programmed to use a ‘shotgun approach’ at ransomware. These bots will scan thousands of company websites looking for email addresses, social media profiles, and any other personal data to use in a cyber attack.

Ransomware attacks are hitting close to home in Central Pennsylvania. Last year, the Duncannon borough in Perry County paid tens of thousands of dollars to hackers who held municipal data hostage. Although service was uninterrupted, the borough’s e-files, data, and emails were encrypted, and backup systems were compromised.

 

The bottom line – almost any organization is at risk for a ransomware attack. If you are a business owner, how do you reduce your risk for a cyber attack?

Start with Preparation

How to Reduce Your Risk

The best way to reduce your risk of a ransomware attack is to prepare for one. When you go through the process of preparing for a cyber attack, you will identify potential vulnerabilities and be able to address them prior to an attack.

Here are some key ways to prevent ransomware:

  • Create an incident response plan: A cybersecurity incident response plan helps companies prepare for, detect, respond to, and recover from cybersecurity incidents. The plan should address issues like malware detection, data theft, and service outages.
  • Invest in cybersecurity insurance: Cyber insurance is designed to mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage. It generally covers your business’ liability and helps in recovering compromised data. If you do not have cybersecurity insurance, your IT department, legal department, or your managed IT services provider can help you procure insurance.
  • Set up a secure texting channel: One of the first casualties of a cyber attack is internal communication via email. To ensure senior leadership can communicate without access to email, set up a secure texting app.
  • Use multifactor authentication (MFA): MFA is an electronic authentication process where a user is granted access to a website or application only after successfully providing two or more pieces of evidence to an authentication mechanism. MFA processes reduce the risk of ransomware since it creates an additional barrier to access of data.
  • Provide regular cybersecurity training: Most network weaknesses and cyber attacks are caused by human error. Regular cybersecurity training can drastically reduce the risk of an attack.
  • Consult with a cybersecurity company: Cybercriminals have years of training and prep to be able to be successful at what they do and one of the best ways to stay ahead of an attack is to work with a company that specializes in cybersecurity. A reputable company will help you put a plan in place to reduce your risk of an attack as well as continuously monitor your network for suspicious activity.

While no company is 100% protected from becoming a victim of ransomware, you can reduce your risk by taking proactive steps and be prepared if an attack happens.

Keeping Your Data Safe

Everound for Your Cybersecurity Needs

Everound specializes in cybersecurity best practices for small businesses to large enterprises. Our team of cybersecurity experts can help you create an incident response plan, help procure cybersecurity insurance, and implement data protection strategies and programs to keep your information and network safe.

Reach out today to start a conversation about cybersecurity for your business. We can provide a free cybersecurity risk assessment and recommend next steps to protect your data. We focus on your IT, so you can focus on your business.