We’ve talked about some of the more common threats that all businesses need to be careful of, but how dangerous is the current landscape? Are you at risk of cyber-attack?
In this blog, we’ll address a few of the most widespread threats that need your attention.
When it first came out, Windows 7 was very popular. It still is. According to some estimates, nearly 70% of all PCs are still running Windows 7! That leaves a lot of people at risk of attack when support officially ends in January 2020.
The single largest reason for upgrading to Windows 10 is security. When Microsoft stops updating security on these systems, it’s only a matter of time before your system becomes an easy target for hackers.
Don’t think hackers only target little old ladies on 15-year-old computers. It appears that Marriott Hotels, one of the largest chains in the world, will be fined $123 million for a breach that exposed private information of over 332 million customers. Even though it can be argued that the hotel chain was the victim, they are the ones responsible for what happens on their servers.
What makes this even scarier is that while the company spent quite a bit on their security, they didn’t detect the breach for nearly four years. This goes to show that the amount spent on a security system doesn’t mean anything unless it is well implemented and monitored.
One of the biggest trends in ransomware this year is targeting specific industries. Why is this so alarming? Well, the most dangerous enemy is someone who knows how to hit you where it hurts most. In the case of LockerGoga, this particular software is designed to cripple manufacturing firms by causing their automation systems to go offline. This disruption is key to the ransomware’s efficiency. As of this writing, LockerGoga has already affected industrial manufacturing facilities in two continents. It nearly shut down their production completely. It also seems that hackers are upping the ante, demanding hundreds of thousands of dollars in ransom.
While not excusable, it’s understandable why someone would want to hack businesses: money. If you’re a medical or charitable organization, you’re not really at risk, right? Not so fast! For reasons that are not always clear, this year has been especially difficult for those in this sector. In Europe and Asia, tens of thousands of records have been compromised within organizations ranging from charities for abused children to HIV clinics. Here in the US, at least 145,000 individuals who were seeking treatment for addictions at various facilities had their information stolen from a single server in April. One would think that even hackers would have some sense of decency, but as the saying goes, “There’s no honor among thieves.”
If your staff isn’t thoroughly trained, they can become the weak link in the chain. It’s easier for hackers to slip past your security through social engineering and phishing attempts. Up to 50% of your sensitive data, along with your clients’ data, can be breached through your employee’s smartphones, tablets, and laptops. Don’t get us started on poor password management. Proper IT security training can help you develop a “human firewall” as an extra layer of security.
Earlier this year, Dunkin’ Donuts experienced its second hack in three months, exposing DD Perks users. The information went right onto the Dark Web for the highest bidder to purchase. This may not seem like a problem until you read between the lines. This information contained usernames and passwords. Since many of us reuse the same username and passwords for various accounts, it becomes a matter of time before thieves find out what other services or even which banks you use. Once they have that information, it’s a hop, skip and a jump away to gain access to your most critical information.
Unfortunately, we don’t live in a safe world. It seems that at every corner someone is trying to breach computer systems to mine any tiny morsel of value. The most important lesson we can learn is to not let our guard down. Don’t feel like your network is impregnable. As long as there is a single penny to be made, there will be a data pirate waiting to jump at the opportunity.
Invest in the best cybersecurity you can get. Don’t risk being next in line to have your data sold on the Dark Web.