Tips and Tools to Improve Your Cybersecurity
While cybercrime comes in many forms, ransomware has become the No. 1 type of cybercrime affecting small businesses. The FBI’s Internet Crime Complaint Center (ic3) cataloged over 3,729 complaints in 2021 with adjusted losses of more than $49.2 million. The victims range from governments and utilities to small, independent businesses. So, improving cybersecurity is important to everyone.
New tactics and targets
The Cybersecurity and Infrastructure Security Agency (CISA) noted in a February 2022 release that ransomware gangs were changing their patterns in the wake of the pandemic.
In addition to “big game hunting,” going after large organizations, they began targeting mid-sized and small businesses. Ransomware incidents rose 104% in North America in 2021, according to the 2022 Cyber Threat Report from cybersecurity company SonicWall. Small to medium-sized businesses made up 20% of that increase.
Ransomware pirates also began targeting cloud accounts, infrastructure, applications, and more. Also targeted are cloud service providers in attempts to hijack large amounts of customer data.
Because of their trusted reputations, managed service providers have also become targets. The concept here is that tapping into them would provide access to many accounts instead of just one.
The ransomware “threat actors” also started working weekends and holidays when the perception is that organizations and businesses are more vulnerable at these times.
An ounce of prevention
The 2022 Verizon Data Breach Report shows that 85% of data breaches happened as the result of mistakes by people operating business computers. Phishing emails are opened. Bogus websites are visited. Deceptive links are clicked.
Cybersecurity experts around the globe say awareness is the first step in preventing any attack. That’s why October is Cybersecurity Awareness Month. Ever since 2004, CISA and the National Cybersecurity Alliance each October champion the effort to raise awareness both nationally and internationally.
How can individuals and businesses protect themselves from ransomware and any attack?
Keep computers up to date. Make sure security updates are downloaded.
Regularly back up files. Experts recommend making three backups in two different formats and storing one offsite. It’s known as the 3-2-1 method. Managed service providers can automate these tasks.
Educate yourself and your employees. Using strong passwords and multifactor authentication, along with learning and teaching how to spot phishing emails and websites is crucial.
Secure and monitor remote workers and access. It’s no surprise that cybersecurity attacks spread faster than the pandemic when many workers and their laptops worked from home. Make sure remote computers use virtual desktops or virtual private networks (VPN) and use multifactor authentication to connect to a business network.
Report the incident and don’t pay the ransom. If your business is hit with ransomware, cybersecurity experts are unanimous in their opinion that ransoms should not be paid. Ransoms paid in many of the highly publicized cases have sometimes been traced and at least partially recovered, but there are no guarantees that the hijackers will release a network after a ransom is paid.
Consider professional help. Most SaaS providers offer some form of security management. Like many retail software providers, Paladin Data Corporation Managed Services offers a variety of products that improve a store’s network performance, reliability and security. Insurance to protect against cybercrime is also available.
Here are some resources that can help you and your business improve your cybersecurity.