The content of this year’s National Cybersecurity Awareness Month (NCSAM), “is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online.”
NCSAM 2019 “emphasizes personal accountability and stresses the importance of taking proactive steps to enhance cybersecurity at home and in the workplace. This year’s overarching message – Own IT. Secure IT. Protect IT.
(Reference: https://niccs.us-cert.gov/national-cybersecurity-awareness-month-2019)
THE CURRENT STATE OF RANSOMWARE In a recent podcast, Hal Lonas, CTO of security software providers Webroot and Carbonite, offered a succinct explanation of how ransomware has flipped the security threat paradigm. “It used to be that the bad guys wanted data because it was valuable to them,” he said. “With ransomware, they’re essentially asking: ‘your data isn’t valuable to me, but how much is worth to you?’ It’s scary how smart it is.”
There are a few dominant families of ransomware in existence today. Each family has its own variants. It is expected that new types of ransomware will continue to surface as time goes on. This is because cyber extortionists are constantly modifying ransomware code to evade detection by the most common defense technologies, such as security software. This year, we’ve witnessed a surge in “polymorphic” malware, which is a variant that changes automatically as if to appear as unique to different endpoints. This is a major issue, because traditional security software often fails to discover singular variants.
Most ransomware uses the AES algorithm to encrypt files. To decrypt files, hackers typically request payment in the form of Bitcoin or alternate online payment voucher services.
Email is the most common method for distributing ransomware. It is generally spread using some form of social engineering; victims are tricked into downloading an e-mail attachment or clicking a link. Once the user takes action, the malware installs itself on the system and begins encrypting files.
In other cases, hackers install code on a legitimate website that redirects computer users to an alternative and malicious site. Unlike the SPAM email method, this approach requires no additional actions from the victim.
Although ransomware is a well known problem, many companies have not taken a proactive approach in protecting their assets specially smaller businesses. The benefits of proactive IT support, rather than reactive, are significant. Costs incurred when recovering from a security breach are much higher than those associated with preventing one advises Steve Terracina of Amicus MSP to their clients.
Education is key! It is recommended that all current and new employees go through some sort of basic cyber security training. During this training, all employees should know how to spot a malicious email, such as a ‘phishing email’ and know exactly what to do if they do encounter a potential ransomware lure (i.e. don’t open attachments, if you see something, say something, etc.). This is an essential part of protecting a company against attacks and it should become a fundamental practice in any business today.
Amicus MSP is a Managed IT Service Provider ‘where IT support and customer service meet’ offering top down technology solutions for companies of all sizes, with particular expertise in serving franchise models.
As a managed services customer, you will also have the benefit of predictable IT costs since you will no longer be individually invoiced for covered support requests” explains Court Price of Amicus MSP as to why a managed service approach is more cost effective for any business to address cyber security issues.
Amicus MSP can immediately begin to resolve urgent issues while working with you on a longer term IT strategy to help ensure your business is positioned for the future with options such as, cloud based business continuity and disaster recovery in order to mitigate potential threats related to ransomware, crypto-locker, viruses and basic hardware failure. Leave the IT to Amicus MSP so you can focus on what matters most, your business.