Companies Lose An Average of $200,000 On Cyberattacks

Cybercrime is a type of criminal activity that’s becoming increasingly prevalent these days. What’s even more worrying is that cyberattacks are set to cost companies all over the world as much as $5.2 trillion in just five years.

Cybercriminals love to target small businesses and 43% of online attacks are aimed at them. The problem is a meager 14% of these firms have made the effort to protect themselves against such attacks. If you are a small business owner, you need to prioritize information security.

IT experts guarantee that every modern company’s state of the art perimeters will be breached eventually. Therefore, for small businesses, it’s no longer about if these security threats will happen but when they will take place.

To make things worse, the results of cyber attacks rise and such incidents now cost small businesses an average of $200,000. About 60% of the businesses that were breached have gone out of businesses six months after they were attacked.

The number of occurrences of these cyberattacks has gone up as well with over 50% having of the total number of small businesses suffered a breach within the past year. Plus, 4 out of 10 small companies having suffered multiple cyberattacks.

Even though this is already the case, 66% of the executives of small businesses still think they won’t be targeted by cyber criminals. Moreover, six out of ten don’t have any cyber defense plan of any kind, which means there’s a great need for improved education and industry awareness.

The damage that is brought upon a compromised company becomes worse because it usually takes about 101 days before company owners and business operators detect that they were hacked.

The costs that these compromised businesses need to cover can also pile up quickly. Aside from the attorney’s fees and other ancillary costs that you have to deal with, you will also be faced with the issue of losing customer confidence and loyalty as well as business relationships.

There are 30.2 million small businesses in the U.S. right now. If they wish to be protected from most, if not all types of online threats, they need to set in place a comprehensive IT security strategy.

• Make backups and duplicates of files and data every day.
• A network firewall, anti-virus, and tools for information encryption should be installed and updated regularly. They will scan and counteract harmful programs and viruses, and keep sensitive data safe and secure.
• Employees should only be given access to files, folders, and applications they need to use to do their job.
• Staffers must be trained regularly, every three months at least, and inform them of the latest cybercrime trends and online threats.
• Test the ability of your employees to detect scammers. You should also check how they respond to fraudulent requests.
• Perform tests for ongoing vulnerability and conduct risk assessments on installed applications and computer networks.
• Install cyber analytic tools that could scan user accounts, applications, networks to detect and halt any suspicious activity before they spread.

Why Companies Need Threat Intelligence?

Please remember that cyber threats may come from internal and external sources. With the increasing number of sensitive data that businesses handle these days, the best cyber defenses today are multipronged.

Call SpartanTec, Inc. and let our team of IT experts help you set up measures to protect your business from cybersecurity threats.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Data Breach: Top Reasons Why It Happens

It seems like every day, there’s something in the news about a company experiencing a data breach, putting the organization, as well as its partners and customers, at risk. If you don’t want your business to be one of them, you have to know the most common causes of data breaches and what you can do to improve your information security.

Weak Passwords, Stolen Credentials

Hacking attacks is one of the most common cause of data breaches. But the vulnerability that hackers exploit is generally a lost or weak password. Statistics showed that four out of five breaches have been classified as a hack were in part due to stolen or weak passwords. There’s an easy way to deal with this and that is to use complex passwords and to never share them to anyone.

Application Vulnerabilities

There’s no need for you to open the door if it’s already open. Hackers like to exploit poorly implemented or designed because they leave openings that they can use to access your data. One simple solution is to make sure that all your hardware and software solutions are updated and functioning properly.

Malware

There is a rising trend in the use of in-direct and direct malware. Generally speaking, malware is a malicious software that is installed unknowingly and provides access for a hacker to a system and other connected systems. Be careful when accessing websites or when opening emails especially if you think they look suspicious.

Social Engineering

Hackers don’t need to go through the hassle of finding a way to access a system if they can let others with a more legitimate claim to the data they need do it for them instead. So, if it is too good to be true then don’t go for it. Chances are, hackers are waiting on you to grant them access to your system.

Too Many Permissions

Hackers love access permissions that are way too complex. Companies that fail to keep a tight rein on who has access to what within their company are more likely to have provided the wrong permission to the wrong individual or perhaps have neglected outdated permissions, which hackers will exploit. You don’t have to complicate things. When it comes to securing your information, simple is better.

Insider Threats

When it comes to information security Wilmington, the adage keep your friends close and your enemies closer is relevant. The disgruntled contractor, rogue employee, or those people who don’t know any better have been provided with the permission to access your company data. So what’s preventing them from altering, copying, or stealing information?

You should know who you are dealing with and act right away when there is an indication of a problem and make sure that everything is covered with produced and process that are backed up with the right training.

Physical Attacks

Is your building secure or safe? Hackers do not just sit around in a bedroom located in a far away land. They’ve got high visibility jackets along with a strong line in plausible patter to allow them to work their way into your building and inside your systems and network. You have to remain vigilant and watch out for anything that looks suspicious and make sure to report it.

Incorrect Configuration, User Mistakes

Errors happen and mistakes are made. Hire the right IT expert to be in charge in making sure that your data is secured.

IT professionals at SpartanTec, Inc. in Wilmington will set in place robust and relevant procedures and processes to prevent user error, then mistakes could be kept to the bare minimum and limited only to areas where they are much less likely to result into a major data breach.

Call SpartanTec, Inc. if you want to know how to amp up your information security and safeguard your business from all kinds of online threats.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Malware And Viruses On Apple/Mac Systems Are On The Rise

For most of Apple's history, the company has been able to cast itself as a safer alternative to Windows-based computers.Hackers tended to focus the bulk of their efforts on Wintel boxes (Windows processors), rather than Apple machines. That has been changing in recent months. According to research conducted by Malwarebytes, over the past twelve months, there has been a significant upsurge in the number of attacks made against Macs.

To give you a sense of the scope and scale of the increase, in prior years, the average number of detections per Mac clocked in at 4.8, while the number of detections per Windows-based PC was 5.8. In 2019, the average number of detections per Windows-based PC remained unchanged, while the average number of detections per Mac spiked to 11, more than doubling in a single year.

The researchers note, however, that the types of threats Mac users face are very different from the threats presented against Windows-based PCs, and are generally not dangerous. For instance, the most common infections Mac users suffer from are adware programs that display unwanted ads to infected recipients.

Naturally, there are cases of ransomware, keyloggers and banking trojans that target Macs. However, they are relatively less common than similar infections on Windows-based PCs.

If you're a Mac user, don't breathe a sigh of relief just yet though. The Malwarebytes research team concludes by warning us. They say although the attacks against Macs are currently less destructive than the attacks made against Windows-based PCs, that could change at any moment. There's nothing whatsoever keeping the hackers from swapping out adware in preference for a much more threatening piece of code.

All that to say, whatever type of computer you use day to day, it pays to keep your guard up. Nobody is truly safe.

Be proactive when it comes to securing your systems. Consult SpartanTec, Inc. now and let our team of IT experts help you in protecting your network and systems from malware, viruses, and all other kinds of online threats. 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Beware Of Documents Asking To Enable Content

If you work in the financial sector, be advised that there's a large scale botnet-driven malware campaign underway. It has been targeting firms in both the US and the UK.

The malware at the heart of the campaign is Emotet, which began life as a banking trojan, but it has morphed into something quite different in recent times.

It's now a full-fledged botnet and its creators are leasing it out to anyone who can pay.
Make no mistake, the latest configuration of Emotet isn't a threat to be taken lightly. Last year, it accounted for almost two thirds of malicious payloads delivered via phishing attack. The malware was heavily used throughout much of 2019, suffered a marked decline during December, and then came roaring back to the fore in January of 2020.
While the major thrust of this latest campaign is aimed at financial institutions, a small number of attacks have been made against companies in the media, transportation, and food industries.

The campaign is being conducted largely by phishing emails that contain a Microsoft Word Document that pretends to be an invoice for a service recently rendered. The email subject line varies but in all cases it mirrors the invoice and/or bank details.

Naturally, if a recipient attempts to open the invoice, he or she will get a popup box indicating that Macros must be enabled in order to properly view it. If the recipient clicks the button to enable macros, the malicious payload will be installed.

This is time tested and a reliable method of getting malicious code onto target machines. It's been around for years, but it's still in use because it's so effective. Make sure your employees are aware of the threat and stay vigilant. If the early indications mean anything, 2020 is going to be a very trying year.

Call SpartanTec, Inc. in Wilmington to protect your network against malware and other threats that may trick you or your employees to grant access to sensitive business information. 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

New Updates To This Malware Made It More Dangerous

If you haven't yet heard of a malware strain called 'Predator the Thief', it's something that belongs on your radar.

It first emerged as a threat in July of 2018, when it was used in conjunction with an extensive phishing campaign.

In its original incarnation, it proved more than capable of stealing passwords, browser data, user names and the contents of cryptocurrency wallets. In addition, it was able to access the infected victim's webcam and take pictures with it, sending everything to a command and control server.

Unfortunately, the group behind the malware has been busy updating it. It's recently been spotted in the wild with a new set of enhanced capabilities that make it more difficult for antivirus programs to detect its presence.

In addition to that, the hackers have upped their game on the phishing campaign front. This included adding new documents to use as lures to hook the victim into inadvertently installing the malicious code.

The new and improved version of the malware was discovered by Fortiguard Labs, and apparently version 3.3.4 was released on Christmas Eve, 2019.

Although there's no clear indication as to who is behind the code, a forensic analysis reveals it to be Russian in origin. Fortiguard's researchers reached this conclusion based on the fact that the malware is specifically designed not to operate in Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine or Uzbekistan. Those are countries that Russian hackers tend not to target as a rule.

In terms of minimizing the threat that Predator the Thief poses, Fortiguard's researchers recommend ensuring that macros are disabled by default and that all software (including OS software) is fully patched and up to date. These are, of course, sensible precautions to take when protecting against any threat, so it makes for good advice in general. Stay on your guard. It's dangerous out there.

Call SpartanTec, Inc. in Wilmington if you need the expertise of IT professionals in making sure that your network is protected against malware and other possible online threats. 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255

https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Cybersecurity Trends In 2020

Corporate and personal privacy keep on eroding because data breaches and cyberattacks increasingly common. During the first half of 2019, over 4.1 billion data records have been exposed in reported data breaches. The average cost of these data breaches for companies that have been affected is almost $4 million per business.

Becoming alert as the society becomes increasingly dependent on technology is the cybersecurity industry, worth $120 billion and is expected to grow to a massive $300 billion once 2024 comes. With the ages of IoT and AI are coming, you will benefit from having a home or vehicle that is connected to the internet, or every day schedule to organize and automate your lives further. However, you need to ask yourself: are there possible hidden costs of increased internet connectivity? With hackers breaching devices and networks every 39 seconds, it is crucial for firms to have necessary security measures if they want to survive and thrive as a formidable business. Now that 2019 has ended, here are five of the top security trends you need to watch out for in the new year, 2020.

Cloud-Based Security Expansion

While the world is continuing to move most of tech infrastructure into the cloud, you will see security platforms that are cloud based and security services will also follow. Over the past twenty years, cloud computing has evolved significantly and it is now commonly utilized to support important operations of various businesses. From Dropbox and other data storage services that are cloud based, to all in one CRM clouds like Salesforce, businesses and consumers have become increasingly dependent on storing essential data in these clouds.

Data Encryption Advancements

Over the past years, cyberattacks have become much more sophisticated. Plus, an increasing number of advancements in data encryption have followed. The rise in encryption advancements will help you stay ahead of current security threats including distributed ledger technologies, zero-knowledge proof, ring signature, and privacy technology. If these techs are used in combination with any of the others, not only partial or full data anonymization will be achieved but identity and data verification will also be automated.

Cyber Insurance

The world faces countless cyber threats and that is why cyber insurance has become a need for not only large firms but small to medium enterprises, too. About $11.5 million is the estimated aggregate global loss linked to cyber extortion and hacks. At the moment, the size of the market for cyber insurance is at $2.4 billion in premiums and it is expected to grow twice in size or even triple this year. However, some growth may be limited due to the restrictive conditions and high cost of coverage on insurance policies.

Passwordless Authentication

Password protection and privacy will be a major problem that will plague consumers and business today because of the rise of AOL. However, just recently, there’s another method of authentication that sought to replace passwords. The password authentication tools may include hardware tokens or one time password generators, knowledge based authentication, and biometric authentication.

About 90% of mid size firms are expected to go with passwordless authentication in over 50% of their use cases by 2022. GETID and other similar companies will help other firms process AML and KYC checks for their clients using a compliant and secure biometric product. One of the biggest point of attack for hacking is password and that is why it is obvious for many businesses to prioritize identification through other means.

Cybersecurity Talent

Back in 2017, the World Economic Forum said there was as shortage of people who are trained in cybersecurity and it has not stopped increasing ever since. Unfilled cybersecurity jobs will continue to rise up to 3.5 million globally by 2021, which will be an increase of 350% from 2014. In the United States alone, there are 1 million people working on cybersecurity but there are around 500,000 positions that are still left unfilled. Since the list of security certifications and security training firms are still growing, finding work in this sector is almost certain if you are qualified.

Call SpartanTec, Inc. in Wilmington now and let our team set up the most effective strategies to improve and bolster your cybersecurity in 2020.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255

https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

New Ransomware Threatens To Release Stolen Data To Public

The leaders of the ransomware known as Sodinokibi (REvil Ransomware) have announced a nasty new tactic to get their victims to pay up when their files get encrypted.

The hackers are now threatening that they'll begin releasing stolen data to the general public or to competitors unless the ransom is paid.

While hackers have made this threat in the past, this year was the first time in history that anyone has followed through with it. At the end of November of this year, when Allied Universal was successfully attacked, they were given the ultimatum to pay up or see their files released. The company didn't pay, and the hackers promptly released more than 700MB of data on a hacking forum on the Dark Web.

Given this new reality, it raises some thorny questions. Should IT professionals begin treating ransomware attacks as data breaches? Possibly so, but doing so complicates matters. Right now, ransomware attacks are treated as a purely internal problem. Customers and vendors aren't necessarily contacted and formal disclosures don't have to be made as to the scope and scale of the data impacted.

If hackers start regularly releasing the files they encrypt, it puts a lot of information at risk. Information that includes sensitive data, personal information, salary information, termination letters, details on relationships with third parties, trade secrets, and a host of other sensitive, proprietary data. It is all at risk of public exposure. It will not only increase public concern but could easily lead to lawsuits. That is especially if the company falling victim to a ransomware attack fails to report it as a breach and the data is subsequently leaked.

It's too soon to say whether or not this is or will become the new normal, but before it happens to you, it bears thinking about how your company will handle the issue.

Don't put your client's information and your business data at risk. Call SpartanTec, Inc. in Wilmington now.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255

https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro