Are You Ready for a Cyber Attack?
Part 1 of 2
One of Mission Critical Systems partners, KnowBe4, recently shared a presentation with us on how serious the need for good cybersecurity has become. The sophistication of attacks has really taken a dramatic step forward in just the past eight to nine months- right when COVID was hitting the world hard.
In the presentation, KnowBe4 touches on the evolution of ransomware over the past few years, culminating in current methods that hackers are using. Click the image below to be taken to an online recording of this useful presentation.
In case you don’t have the time to watch the entire presentation, we summarized some of the most important points for you below:
- Ransomware infections used to happen immediately, but new infections are taking on a new approach. Attackers are first gaining access to systems and evaluating the network and company in order to maximize their money request. They then infect the company system with additional malware to collect passwords, copy corporate data offsite, corrupt backups (even changing encryption keys on encrypted backups), and basically collect everything that crosses the network. Then they hit the encrypt button. One of the hallmarks of an attack like this is if the names of documents you have stored are changed and have symbols in the titles, or when you click on a document to open it, payment is demanded to “unlock” the file.
- Some companies found the attackers had access to the network for 6 to 14 months before executing their attack, even compromising offsite archived backups.
- Attackers are certainly profiting off of their efforts: most victims have paid the ransom over the past 6 months as the attacks are so comprehensive that recovery is impossible.
- Company customers are also being affected. Customers of companies that have been infected from an initial data compromise have reported attacks on their own personal and/or work networks.
- You know those emails from your friends that claim they are stranded overseas and they need you to send them money or a credit card number to get back home? That is a phishing attempt. Phishing (the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers) is responsible for 68% of infections.
- Unpatched software (computer code or programs with known security weaknesses, which make them vulnerable to cyber attacks) is responsible for 30% of infections
Attackers are getting more sophisticated everyday with their hacking efforts:
So how can you be prepared for these cyber attacks? In our next blog post, we will discuss areas that MCS encourages you to review, and offer some solutions that can be implemented to better deal with these current, and constantly evolving threats. Be sure to touch base with your MCS consultant, or contact MCS today, and strategize on solutions that address these areas.