The Weakest Links in Network Security

Cyber security training and quality backups can save your business from costly security breaches and ransomware attacks.  User training is the most basic form of network security, and is often completely overlooked.  Having a solid backup of your business data is critical. The threat to businesses is real.  According to FBI reports, ransomware attacks cost their victims a total of $209 million in the first quarter of 2016.  However, that report was based on only the complaints that were reported to the bureau.  Datto, a Connecticut based cyber security firm estimates that “less than 1 in 4 ransomware incidents are reported to the authorities.” Cases of ransomware and other attacks are on the rise because they are so lucrative to hackers.  What can businesses do to protect themselves from this threat?  Does the problem lie with poor network security, or somewhere else? Even with quality network security measures in place breaches are commonplace.  Hackers are exploiting the weakest link of businesses security, people.  New techniques are using advanced phishing scams that make users think they’ve gotten some pictures from a friend, or a notification from UPS that their package has shipped. These phishing emails appear to be from known email addresses in most cases, and even have official looking logos.  They are often based off of the same format that the real companies use when sending out automated notifications.  They look real, and they’re effective at fooling users. Once a user mistakenly clicks a malicious link, it can immediately download ransomware onto the system.  This dangerous software will then scan the network and start infecting all the systems it can find.  If the computer has network drives it can infect the server and encrypt all of the data.  Users then receive a notice asking for a ransom.  When paid they will receive a decryption key that will allow them to access their data again. Novastor, a backup software company reports that, “70% of small business firms that experience data loss close their doors permanently within one year.”  Ransomware, and data loss of any kind are a devastating problem. There are a couple of things that businesses can do to protect themselves from ransomware and other threats.  The first seems like common sense.  Backup your data.  Regular backups of your server are critical and can save your business thousands in downtime and lost productivity. Phil Robinson of i.t.NOW, a Utah based computer support company talked about a recent run in with ransomware.  “Yeah, it was pretty ugly.  We have fairly advanced security in place for all of our clients, but when a user clicks on something they’re not supposed to it pretty much bypasses anything we can put in place.  Their entire network was infected and their server with all of their data and financial records was completely inaccessible.  The good news is that we had a solid backup solution in place that wasn’t affected by the attack, and we were able to quickly recover from that.  They were back up and running in short order.” Not all businesses are so lucky.  Robinson recommends that every business have an image based backup of all servers on their network that runs at least nightly if not more often.  That will allow them to recover quickly from ransomware or any other disaster. The second thing businesses can do to protect themselves from potential threats is to train their users to recognize a scam when they see one.  Phishing attacks are the primary source of ransomware.  Users should be vigilant when receiving email from unknown sources.  They should also pay close attention to attachments that are frequently a virus in disguise. Robinson says, “The basic rule of thumb should be to never open an attachment of any kind from an unknown source, and to stop if something looks suspicious.  When in doubt, call it out.”  Robinson recommends contacting an IT professional if you have questions about the legitimacy of a potential email.  Solutions such as spam filtering and advanced email security can also help to filter out threats. In addition, there are services such as KnowBe4 which will do an audit of your user security.  They send out a fake phishing message and see how many of your users take the bait.  Once the results are logged they put all users through an online training program that helps them better understand potential threats.  At the end of the course another phishing email is sent to see how effective the training was.  Users that don’t pass this basic test are put through the training again. Businesses should work with IT professionals to ensure that they have a sufficient backup solution in place to address the weakest links in network security.  User security awareness training is also a critical part of a business’s network security plan.