Will Your Business Survive a Ransomware Attack?

Most Small and Midsize Businesses Won’t Survive an Attack

Ransomware attacks are on the rise. Over 46% of the world’s total attacks are targeted against the US. Unfortunately, new research from CyberCatch, a cybersecurity platform provider, shows that 75% of small- and midsize businesses would be forced to close if a bad actor demanded a ransom. It is not a question of “if” an attack will occur for most companies but “when.” You can take steps to mitigate your risk and prepare for an attack.  

To Pay or Not Pay

Even if your business decides to pay the ransomware demand, it does not guarantee that you will recover your data in a usable format. Remember, you are dealing with criminals; thus, there is no code of ethics. Per the available research, 58% of extortionists attempted a second ransom after receiving payment, and 42% did not decrypt the files after payment, so the data was still unusable. Furthermore, if you pay in Bitcoin, the transactions are public and traceable. If used for any illegal transactions, they could be traced back to your business.

Even if you pay and recover your data, it takes an average of 16.2 days to remediate an incident. Think about having your business interrupted for more than two weeks, not to mention the damage done to your reputation and your inability to serve your customers. The devastation done to one Illinois College is causing them to shut down indefinitely. In Michigan, Kalamazoo Community College was forced to close its campus after an attack. These are just two recent examples of attacks.

What Happens if Attacked

If your business becomes a ransomware target, these steps can help your business survive.

Assess the attack

Take a picture of the infected device’s screen before unplugging it. Pay attention to the payment deadlines or the number of days. Often, the longer it takes to pay, the higher the ransom demand. Check all of your systems to see if your network is compromised or if the attack is localized.

Immediately call your experts

This could be your internal IT team or a trusted IT vendor to supplement your team. In addition, if you have cyber insurance, contact them, and you may want to involve local law enforcement.

Determine the data you can recover

Once you have identified what is infected, check your backup systems to assess what data is recoverable. If you determine you need to pay the ransom to recover your data, have a clear communication plan on when and what you will pay.

Reset your systems

Immediately reset all passwords. Ensure you have the latest software versions and apply any patches to strengthen your security. Watch for backdoors that bad actors could further exploit.

Do you have a Ransomware Plan?

We can help. Dewpoint has the security and infrastructure experts and experience to mitigate your ransomware risks and create a recovery plan in case you’re attacked. By taking simple cybersecurity steps, you can reduce the probability of an attack and its impact. Like in sports, we believe the best defense against an attack is a great offense. Contact one of our cybersecurity experts today.   

Is Your Organization Prepared for World Password Day?

Cybercriminals continue to exploit password weaknesses

The ninth annual World Password Day is May 5th. Intel initially created this event to raise awareness about the importance of strong passwords. Even after reminders and the organization’s updated security policies, per a Google/Harris survey, 52% of users reuse the same password for multiple (but not all) accounts; 35% of users reuse the same password for all of their accounts, and only 13% use a different password for all accounts. In addition, over 82% of employees admit to recycling passwords.

In 2020, the top type of information stolen worldwide was credentials: over 60% of data breaches involved cracking or using stolen or recycled credentials. Although your organization may have strict password policies, that doesn’t mean your end-users aren’t reusing passwords for their Facebook, personal email, or Amazon accounts.

Emphasizing and enforcing good password policies

Require confidentiality

Ensure your employees understand the need for password confidentiality. Remind them regularly that sharing or having “post-it” notes with passwords is not allowed.

Use block-listing

Automatically prohibit specific passwords or password strings like the famous “123password”.

Set a minimum length

Typically, a minimum of eight characters and symbols is required, but your organization may want to use a longer length.

Set a password history

Don’t allow the reuse of previous passwords (going back at least four to six prior passwords) to discourage people from cycling through changes to revert to a familiar password. Monitor password changes and investigate employees who make several changes within a short period. They may be changing to “outsmart” the password history requirement.

Don’t use password hints

Although helpful in reminding your employees of their password, the ‘hint’ is often something familiar that a hacker can easily find out from social media.

Implement Multi-factor authentication (MFA)

According to Microsoft, MFA can stop 99.9% of threats to passwords. It can be implemented in various ways, including phone calls, text messages, or codes. MFA is a simple yet effective roadblock to accessing an account, and it strengthens overall data security.

Reinforce password standards

Training and reminding your staff about password guidelines should be part of your overall cybersecurity plan. Include password training as part of your security awareness training. Sending a “password reminder” is as easy as sending out this article to your team and recognizing national password day.
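The block-listing, minimum-length, password-history, and change-monitoring items above can be enforced in code. The sketch below is an added example, not part of the original article: the blocklist entries, the history depth of six, the one-hour window, and all function names are assumptions, and the sample data is constructed.

```python
import hashlib, hmac, os
from datetime import datetime, timedelta

BLOCKLIST = ("123password", "password", "qwerty")  # assumed banned strings
MIN_LENGTH = 8      # the article's minimum; a longer one is reasonable
HISTORY_DEPTH = 6   # article: block reuse of the last four to six passwords

def hash_password(password, salt):
    # Salted, slow hash: the history store never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_new_password(password, history):
    """history: [(salt, digest), ...], newest last. Returns policy violations."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if any(bad in password.lower() for bad in BLOCKLIST):
        problems.append("blocklisted")
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(password, salt), digest):
            problems.append("reused")
            break
    return problems

def find_rapid_cyclers(events, window=timedelta(hours=1), threshold=HISTORY_DEPTH):
    """Flag users with `threshold` or more changes inside `window`: enough
    changes to push an old password out of the history and return to it."""
    by_user = {}
    for user, ts in events:
        by_user.setdefault(user, []).append(ts)
    flagged = []
    for user, stamps in sorted(by_user.items()):
        stamps.sort()
        for i in range(len(stamps) - threshold + 1):
            if stamps[i + threshold - 1] - stamps[i] <= window:
                flagged.append(user)
                break
    return flagged

def _entry(password):  # helper for the constructed sample data below
    salt = os.urandom(16)
    return salt, hash_password(password, salt)

# Constructed sample data (not from the article)
SAMPLE_HISTORY = [_entry(p) for p in ("Autumn!Leaves42", "Winter#Frost77")]
T0 = datetime(2022, 5, 5, 9, 0)
SAMPLE_EVENTS = [("alice", T0), ("alice", T0 + timedelta(days=30))]
SAMPLE_EVENTS += [("bob", T0 + timedelta(minutes=2 * i)) for i in range(6)]
```

Pairing the history check with a minimum password age closes the same cycling gap at enforcement time, so the detector is not the only control.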

Password policies are just one step

Reinforcing good password policies is a simple way to increase your organization’s cybersecurity posture. However, it is crucial to evaluate your organization’s overall IT security to keep it safe. Contact Dewpoint today to set up an evaluation and take the additional steps to increase your IT security and reduce threats.

Why the Human Factor is Still the Most Important Part of IT Security

The human factor weakness

Regardless of the number of tools, software, and processes you implement, cybersecurity has one major weakness: the human factor. Per Gartner, recent industry research shows that “22% of all breaches involved phishing, attackers leveraging stolen credentials accounted for 37% of all breaches, human error accounted for 22% of all breaches, and 30% of all breaches involved insiders”. Continuous monitoring and improvement are the keys to ensuring your human factor is no longer the most significant challenge for an effective threat prevention strategy.

Tips to reduce the human factor

Below are some tips to turn your weakest link into your strongest asset in the cybersecurity fight.

Keep IT simple

The more complex you make IT security for your end-user, the more they will find workarounds. By now, most organizations have implemented a password protocol requiring 10+ characters with a combination of letters, symbols, and numbers. The longer and more complex the password, the more likely the employee writes it down or reuses a password from another system. Think about how you can make it easier. Deploying multi-factor authentication (MFA) or two-factor authentication (2FA) may enable your organization to simplify the password requirements and add a layer of security.  

Trust no-one

“We are like family”: many organizations get caught up in the belief that the employee ‘loves’ us and would never do anything to harm the company. Due to financial stress, a change in politics, or unforeseen circumstances, even the ‘best’ employee can be tempted to divulge company secrets or allow a ‘hacker’ to gain access. You can reduce exposure by implementing a zero-trust policy, where you trust no one and limit all users to minimal access, only enough to perform their jobs. Another option is to employ a privileged access management (PAM) tool to restrict access to sensitive accounts. Finally, make sure your organization has automated monitoring to alert you if your system is attacked from the inside. The sooner you find out about the attack, the more you can control the damage.

It’s All About Education

Security awareness training should be more than a yearly task that employees need to complete. It should be ingrained into their everyday routines. Think about increasing or changing the training. Although computerized classes have become the norm, your employees may just be “clicking through” to get to the end. A few in-person sessions with small groups to talk about the latest threats and reinforce how important they are as the frontline defense will make more of an impact. In addition, include testing as part of your overall IT security awareness education. Periodically send out “fake” emails to judge if employees apply what they learn. Finally, ensure your employees know who to contact in case of a ransomware attack, know the protocols to follow, and aren’t afraid of reporting an incident. Don’t assume they know what to do.

How to improve your Human Factor

Making your organization cybersecurity ‘human proof’ starts with understanding where you are today. Dewpoint can help by evaluating your current organization and making recommendations to improve your overall security posture. As a technology company, we understand the software and tools that may help take the “human factor” out of the equation. Furthermore, we are partners with cybersecurity leaders in training and also provide individual training sessions. Contact us today.

Want to learn more about Cloud Native Architecture and Kubernetes?

 

Join the Capital Area IT Council Software Development Peer Group Meeting on April 14th

Containers represent the next generation of virtualization for IT infrastructure. Kubernetes and Docker make containers mainstream and serve as the foundations for more Cloud-Native Architectures. Our panel of experts introduces key concepts and uses of container technology.

Learn Key Concepts

The meeting presented by Dewpoint professionals focuses on three main topic areas:

  • General overview – discussion of containers and why they are an essential step in the evolution of IT infrastructure

  • Learning environment – short talk from a Dewpoint senior developer on what it was like to learn Kubernetes, including a demonstration of a learning environment

  • Case study – example from a recent project completed for a Dewpoint client using Azure application services and docker containers

Meet the Dewpoint team

Dewpoint speakers include Chris Weiss, Chief Technology Officer, Benjamin Hobbs, Software Engineer, and David Gruner, IT Specialist. Each has in-depth experience in the IT industry, emphasizing application development throughout their careers. They will be available to answer your specific questions regarding the discussion topic, other IT application software, or IT in general. The team has worked for various clients, including state and local government, small and mid-size businesses, and Fortune 500 companies.

How do I register?

Click here to register for the event or find out more about the Capital Area IT Council. To start a discussion on how Dewpoint can help you implement container technology or talk with one of our experts, click here.

Helping Credit Unions Improve Processes Through Automation

Using RPA to achieve optimization at your credit union

Where can you find a solution that automates your processes while lowering costs, gaining efficiencies, and reducing errors? How about a solution that improves the member experience?

Robotic Process Automation (RPA) provides these benefits and more. It can transform how your organization works, allowing your employees to focus on high-value activities, resulting in more satisfied employees and members.

The first step in implementing RPA is evaluating your current processes to find “good” candidates for RPA. We suggest starting with small projects whose success is measurable, which you can then scale and optimize for other credit union processes.

Is RPA Right for this Process?

When determining if RPA is a good solution, ask yourself the following questions:

Volume

Does the process occur frequently enough to justify implementing RPA? Processes that do not happen regularly provide little return on investment and usually have unexpected changes that break the automation. Another benefit besides cost savings may be increasing revenue (think processing loan applications faster) and avoiding risk.

Scope

How many steps are in the process? Ideally, there should be no more than 15. Evaluate the individual processes, not a combination of processes. Defining the scope helps you be tactical in your RPA planning.

Complexity

How complex is this process on a scale of 1 to 10? Does the process include multiple business rules? A good test is counting the “if-else” blocks. If more than seven, the process may be too complex for RPA. Additionally, the conditional statements must be expressed in a format that the automation process can resolve. Either all scenarios are mapped out, or a “catch-all” must be in place.

Stability/Predictability

Is the process stable or liable to change? Review the history of changes to the process, in addition to any planned changes, to identify whether it is stable. Automating a good process will, in turn, require less maintenance and fewer changes. Specific questions include:

  • Will you perform the task the same way today, tomorrow, or a month from now?
  • Are there any significant upcoming changes?
  • Does the process involve subjective decision-making?

Processes that benefit from RPA, both in general and at credit unions, include back-office reporting, employee onboarding and offboarding, document and records management, and customer relationship management. Specific to credit unions, loan underwriting, debit card fraud processing, and ACH stop payment processing are perfect candidates for RPA.

Types of Robotic Process Automation (RPA) Bots

RPA Bots can be attended or unattended. Attended RPA works in conjunction with the user, incorporating automation into specific directed tasks. It is well suited to tasks requiring human-to-system interaction in real-time. For Credit unions, attended bots can be helpful to accomplish part of a task quickly. For example, suppose customer support employees need to switch between multiple programs and screens to retrieve information while talking on the phone with members. In that case, employees can use attended RPA to retrieve data from any number of applications. It allows the employee to quickly provide information to the member and focus on answering member questions.

Unattended RPA is just that…no user input or attention is needed. Once the bot is set up to execute, human intervention is only required if a change is needed. The bot begins work on its own.

How do I get my RPA program started at my credit union?

This is where Dewpoint and our partner, Endurium, can assist. We have the professionals and experience to analyze your current processes and develop a list of processes that are good candidates for RPA. If you are still not sure about the benefits of RPA, check out our last blog, “Five Reasons Credit Unions Should Consider RPA,” or click here to talk to one of our experts.

Security – If Nothing Else, Do the Basics

Protecting your organization can be as complex or as simple as you feel is right for your organization. Research has shown that organizations that consistently do the functions listed in the Center for Internet Security (CIS) Top 10 can reduce their risk posture by up to 80%. The Top 10 activities are as follows: Inventory […]


Cybersecurity Threats Within Your Organization

We are all aware of cybersecurity threats from anonymous persons outside our organization, but have you thought about threats from within your organization? Does your security training include implementing steps to minimize the threats from within? Below are a few examples of inside threats to consider and include in your […]


Evaluating Your Cybersecurity Risk

Your cybersecurity risk may depend on the industry you are in and the size and location of your company. The more employees you have, the more locations, the more complexity, and the more personally identifiable data your company maintains, the greater the risk of a cybersecurity attack. To determine your company’s risk, you should evaluate the […]


Dark Data – The Next Frontier

A majority of organizations have data saved that is no longer used or valuable. Think about all of the digital documents saved in a typical organization, ranging from email to presentations to spreadsheets compiled by current and former employees. […]
