When Grown Men Cry – Cyber-attacks and How to Prevent Them27 Jan, 2016 By: Eric Stavola, MSCIS,MCSE,MCSA,N+,CDIA+
I answered a call to hear a man panicking with, “Eric my business data - it’s all lost! “ Surprised, I realized it was a business client who had just fell victim to a cyber-attack.
First, you need to know that:
• Cyber-attacks cost businesses $400 billion a year globally. (Lloyd’s of London, 2015)
• 40 percent of businesses that experience a critical IT failure go out of business within one year.
What is a Cyber-attack?
A Cyber-attack by definition is an attempt by hackers to damage or destroy a computer network or system. Cyber-attacks can be broken up into four key areas:
Viruses: Can infect computers through email attachments and file sharing. They delete files, attack other computers, and make your computer run slowly. One infected computer can cause problems for all computers on a network.
Ransomware: A type of malicious software designed to block access to a computer system until a sum of money is paid although ransomware is usually aimed at individuals, it's only a matter of time before business is targeted as well
Spyware: Is software that “piggybacks” on programs you download, gathers information about your online habits, and transmits personal information without your knowledge. It may also cause a wide range of other computer malfunctions.
Identity Thieves: People who obtain unauthorized access to your personal information, such as Social Security and financial account numbers. They then use this information to commit crimes such as fraud or theft.
Who is behind these attacks?
· Cyber criminals interested in making money through fraud or from the sale of valuable information.
· Hackers who find interfering with computer systems an enjoyable challenge.
· Employees or those who have legitimate access, either by accidental or deliberate misuse. 59% of employees steal proprietary corporate data when they quit or are fired. (Ponemon Institute)
Key Facts on Cyber Attacks:
• As many as 75 percent of breaches go undiscovered for weeks or months. (Michael Siegel, research scientist at MIT, at a recent cyber security conference)
• Just 21 percent of IT professionals are confident that their information security technologies can mitigate risk. (2015 Vulnerability Study, EiQ Networks)
As for my client who’d called, he and his business have recovered. We were able to recover his data and key files because he had forgotten that just six months earlier, I was able to talk him into implementing a back-up plan. Now with his business being up and running again, in hindsight, he realizes that paying for a secure, back-up plan was priceless because it saved his business, literally.
What can business do to prevent Cyber-attacks?
Business owners and key executives have a responsibility, when it comes to technology, to keep their business safe, their systems reliable, and their key data secure. In effort to achieve this below are five key steps to making this occur:
Have a Plan - Having a clear technology plan to support the company's overall business or organizational strategy is key. Meet every 90 days to review the plan and adjust or document needs accordingly based on business growth or challenges.
Set Policy - Institute a security policy, including documentation of data handling procedures specific to your company or organization.
Develop your People - Put professional development in place both for IT staff and regular staff around advancements in technology.
Have a Budget - Provide for a sufficient budget to acquire and support the non-discounted elements of the plan: the hardware, software, professional development, and other services that will be needed to implement the strategy.
Partner Up – Find a trusted advisor through a managed service provider. Having experts and proactive services behind your business will allow for you to fill skill gaps and leverage technology to its fullest.
What can individuals do to protect themselves from a cyber-attack?
Individuals at home and at work have a responsibility, as well as to keep their devices secure. Below are five easy steps to make sure one is taking:
1. Install OS/Software Updates & Anti-Virus Software on computers
2. Implement or turn on personal Firewalls
3. Get educated on and avoid Spyware/Adware
4. Protect your passwords at all times and don’t give them out
5. Implement a backup plan for your key files
Eric Stavola, MS.CIS, M.Ed, MCSE, MCSA, N+, CDIA+ is the U.S. Director of Pre-Sales Engineers, mindSHIFT, a Ricoh Company. Contact him at firstname.lastname@example.org