24 Feb 2017

Businesses are often needlessly victimized by cybercriminals, due to small yet costly employee mistakes that could have been avoided with just a little bit of education and training.

Below is information employees should know in order to make them assets to your cybersecurity team, as opposed to liabilities.

Cybercrime Awareness

It is crucial that employees are up-to-date on the lastest malware trends.

  • Ransomware.  2016 saw the dawning of a new Malware King – Ransomware.  But what is it exactly?  
    • Ransomware is malicious code that is downloaded to a computer or device.  
    • Once installed, ransomware targets certain files and/or data for encryption that cannot be unlocked without a decryption code.  That information will not be released for use until a ransom is paid.
    • Trending: While ransomware’s initial primarily victims were individual PC owners, the current hacker trend has seen an increase in scams targeting hospitals and/or financial institutions; not only do the small businesses have access to greater capital, but, as in the case of the healthcare industry, the hijacked device could even lead to health complications, or even death if not released in a timely manner.
  • IRS Form Scams.  The IRS has made it no secret that they are battling hackers who are using HR and Accounting departments at businesses and institutions alike, to amass the legitimate tax data they use to file false claims.

Hacker MO: Phishing

Just how are scammers able to get the the ransomware on and off the systems?  By being very, very sneaky.

  • Definition: Phishing is the general terms used to described hackers that cast a large malware net, looking for anyone who will bite.
  • Tactics:
    • Embedding viruses into fake websites that look like the legitimate site.
    • Sending emails from legitimate-looking vendors/people that contain malware in the emails and/or direct the user to the fake site.
    • Setting up an email address that looks like it came from the CEO or the HR/Accounting Departments, requesting that personnel send tax information immediately.
    • Receiving a phone call from a hacker who is pretending be someone in “Tech Support” that requests sensitive information in order to “fix” a “problem.”

Other Considerations

Ineffective Antivirus Software.  According to Virus Bulletin (VB), a leading Antiviral (AV) and spam testing site, both AV and anti-spam software are steadily falling behind the malware curve.  The site tests the detection rates and filter effectiveness of current AV protection, and the results are not encouraging.  In fact, detection rates have decreased by 10-13%, from right around 80 to less than 70% in the last 9 months.

Thank goodness for spam filters, right?

Wrong.

Ineffective Spam Filters.  VB tests found that one in every 200 emails containing malware makes it to an inbox, meaning that millions of inboxes are filled with potential threats every single day.

Increased Wireless Products.  With wireless devices becoming increasing popular and available, vendors are in a rush to get products to the market, often at the expense of user safety and security.  This can be especially dangerous for businesses.  Make sure your employees follow certain rules to ensure that their devices are not hacked: following these few simple guidelines can make all the difference:

  • Regularly updating passwords
  • Disabling remote access when not in use
  • Setting up drills so that your employees know how to react if there is an actual attack
  • Ensuring that employees only used approved data storage devices so that IT is able to control any potential breaches.  As mobile devices become more prone to hacking, more stringent rules should be in place about connecting any device  – no personal devices (including cell phones) should be allowed to connect to the employee’s work computer.

Conclusion

While it is true that all company’s employ human beings, and no human is perfect, staying abreast of cybertrend and sticking to basic rules is an easy way to reduce the likelihood that your business will become a victim of a cyberattack.

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30

    SCHEDULE AN APPOINTMENT

    Make It Happen Now

    CLIENT SUPPORT

    Don't Feel Stranded

    CONSULTATION

    Get Best Advice

    PAYMENTS

    Make A Payment

    Top