Staying Safe: How to Prepare for Ransomware

The cybercrime game can be faddish at times, with cyber crooks all briefly piling on the “flavor of the month” attack before collectively moving on to the next big thing. One thing we can be certain of after the past year, however, is that ransomware has been added to the regular menu. It’s here to stay.

How Ransomware Works

It’s no wonder the dark underbelly of the internet is so taken with ransomware attacks. For keyboard-based ne’er-do-wells it really is the gift that keeps on giving.

A ransomware attack begins much like any other cyberattack. The bad guys get into the target system by the usual methods; most frequently via a phishing email or a spear-phishing email. This opening is used to plant the malware, and it is the nature of this malware package that sets ransomware apart.

The malware, once it gains access to the system, encrypts all the data it can find with an encryption key known only to the bad guys, who then demand lots and lots of money in exchange for getting the data back.

To Pay or Not to Pay?

A business that has been hit with a successful ransomware attack usually has only 2 options: say goodbye to the data, or pay the money.

No business can afford to lose all their data, so most companies end up paying the ransom, but this has unintended consequences. Now that the bad guys have access to the system, it’s trivial for them to get back in at a later date – some even go so far as to install a backdoor into the system so they can come and go as they please. Having walked away richer the first time, what’s to stop them from going back to the well a second or even third time? They know that the company is willing to pay, and so they make the company pay.

Thankfully, while the consequences of a ransomware attack can be more dire than other types of attack, they are no more difficult to prevent, or to deal with afterwards – given a certain amount of preparation.

Ransomware Defense

The first line of defense is prevention, and this involves solid email security that can detect and remove email-based threats before they reach the recipient. Another key part of prevention, or at least mitigation, is implementing a multi-layered security solution so that breaches can’t compromise the entire system. 

Finally, under preparation and aftermath, companies need to establish and follow a business continuity plan that incorporates real-time backups of all important data.

Real-time backups can allow companies to more or less ignore ransom demands. If infected with ransomware, they can simply roll back the clock to a point before the malware hit the system and continue on, as if nothing had happened, with minimal data or productivity loss.

Conclusion

According to the FBI, ransomware attacks in 2015 were responsible for ransom payments of just over $1.5 million. In 2016 that amount was almost a thousand times more – close to $1 billion. This huge increase is because of two factors: ransomware attacks are hard to stop, and the bad guys are almost impossible to catch.

If the numbers above are any indication, it will be almost impossible for most businesses to avoid a ransomware attack in 2017. Given an environment where ransomware attacks are an inevitability, being properly prepared is the only viable option.

Security Budgets Continue to Soar, But Is It Enough?

Security is now a vital concern for businesses across several industries. However, investments in privacy and defense should have been implemented years ago. With cyber crime now an international epidemic, why have so many companies waited so long to invest in cybersecurity measures? The following sheds some light on whether or not it’s too late to invest in cybersecurity.

Cybersecurity Is an Increasing Concern

Cybersecurity is a growing concern for many businesses, and the number of high-profile breaches continues to grow each year. In 2015, there were approximately 781 data breaches across the U.S. – the second highest year on record for security invasions. According to industry monitors, 40% of those breaches happened entirely in the business sector.

With this in mind, industry experts have predicted mass-scale investments in cybersecurity for 2017. Here are a few statistics based on Business Insider magazine and other industry publications:

  • An estimated $655 billion will be invested in cybersecurity measures between 2015 and 2020.
  • Nearly $2.77 trillion in security investments was estimated for 2016 – far above the $75.4 billion in spending that took place in 2015.
  • These numbers suggest that businesses are just now catching on to the importance of cybersecurity.

Are Recent Security Investments Enough?

Are these recent security investments enough to combat the rising number of intrusions? According to Radware, companies that are only now investing in cybersecurity protocols are way behind. This is due to new threats that are evolving at rapid rates, so much so that even the latest security applications and programs are not able to contest new strains of malware, adware, and other viruses.

Companies cannot afford to sit around and wait for the next best cybersecurity solution. Industry experts recommend the following:

  • Never procrastinate when it comes to protecting enterprise hardware, software, applications, and general infrastructure.
  • Work with leading vendors to develop a sound and proactive security platform that can combat prior and new threats.
  • Strong security platforms are based on solid foundations; core policies and processes for data availability, integrity, access, and confidentiality must be in place.

The Rising Costs of Security

IBM recently estimated that the average cost of security breaches in 2016 was $4 million. This was up from $3.8 million in 2015 – and is slated to grow even more in 2017. With this in mind, businesses have to stop scrambling with last minute endeavors to protect corporate data. They simply need to agree on one comprehensive and cohesive security platform that will prevent massive revenue losses.

The longer businesses wait to implement cybersecurity initiatives, the more susceptible they will be to digital intrusions. It will also be harder for them to incorporate security measures in the future, especially if infrastructure has already been jeopardized.

Understand VoIP Security Vulnerabilities and How to Combat Them

Voice over Internet Protocol (VoIP) offers substantial benefits to businesses, but the same IP technology that creates these benefits also introduces potential security vulnerabilities. Cybersecurity has become an increasing focus for companies across the United States and around the world as hackers try to exploit the growing use of IP to gain access to networks.

Budget resources are increasingly being dedicated to fending off threats, but breaches continue to expand. Companies must take security threats via VoIP seriously and take steps to counter those potential attacks. Consider the following threats and mitigation measures.

Types of Threats

  • Call Interception. VoIP by its nature involves the transmission of voice interactions over IP links, and bad actors will look for opportunities to intercept those transmissions. This requires the hacker to fully access the signal transmission between point A and point B. Typically, the intent of this type of breach is to interrupt the call by diminishing call quality via transmission delays or echoes or uploading sound packets to a server. Authentication and encryption tools are the most effective way to combat this type of threat.
  • Identity Misrepresentation. Hackers may attempt to access VoIP calls so they can eavesdrop, sometimes with the intent to steal information. This is particularly worrisome when sensitive information, such as credit card numbers, is transferred across VoIP links. Typically, hackers will seek the path of least resistance when attempting to access a network, so basic security features such as authentication and encryption may serve as an adequate barrier to entry for most hackers.
  • Theft of Service. An increasing concern for VoIP systems is hackers gaining access to use service, then leaving companies with the bill. These attacks are often carried out outside of business hours, so the breach is less likely to be detected and shut down right away. This threat is best mitigated with software-based measures, firewalls, and good security hygiene, including strong passwords.
  • Disruption. Denial-of-service attacks are another growing area of concern. These attacks seek to interrupt normal business communications by flooding call centers or transmission lines with fraudulent calls. When this occurs, calls from legitimate callers often are unable to get through. Firewall solutions that are built to identify and block fraudulent calls are the best defense against service interruption attacks.
  • Physical Attacks. Sometimes bad actors will go to any length to disrupt service and wreak havoc on a company’s operations. While attention is often focused on thwarting virtual attacks, physical infrastructure can be left vulnerable. Criminals may cut off a power source or damage hardware, rendering the network temporarily useless. It is crucial to take physical security at data centers as seriously as virtual security by ensuring equipment and data centers are secured and inaccessible.

Protection Measures

While the threats may be somewhat different for VoIP, the steps companies can take to safeguard their systems are the same common-sense approaches recommended for traditional computers and networks. Install and maintain firewalls, ensure communications and transactions are encrypted, and implement user authentication techniques along with basic security hygiene policies.

Companies also should work to stay ahead of threats by studying security trends and deploying best practices recommended to combat or prevent those threats. Businesses should work as a team with their VoIP vendor to ensure both virtual and physical assets are secure and hardened against potential attacks.

How to Keep Customers’ Personal Information Private

The increased collection of detailed personal information by private companies is a major concern among consumers. As security breaches become more frequent, companies are under increased pressure to ensure the safety of customers’ personal information.

Consumers’ concerns center on the unauthorized release of personal data including chat logs, files, images and emails. These worries aren’t unwarranted, as an unsecured firm can be compromised to the point where customers’ private data could be accessed by third parties. It is the organizations’ responsibility to avoid security breaches.

Here are tips for organizations to help keep customer data safe.

Tips for Maintaining Privacy of Customer Data

  1. Make sure that your network, email protection and endpoint can effectively avoid dangerous types of files, malware and spam.
  2. Keep staff trained on how to effectively identify, report and deal with potentially dangerous emails, such as messages that include suspicious attachments or possible phishing links.
  3. Implement a patch assessment tool that automatically applies security updates to programs and operating systems, preventing potential exploits.
  4. Having a secure gateway and/or endpoint protection application can identify and prevent exploits before your systems can be hit.
  5. While many companies might believe that attackers could be satisfied with only a few pieces of private data, the reality is that these criminals want to gain full access to user databases and entire networks, where they can access all available personal information en masse. To avoid this, you might want to separate each of your own internal departments with multiple top-of-the-line firewalls, as opposed to relying on a single firewall that, once exploited, can leave all of your systems vulnerable.
  6. Device control strategies can be effective in keeping dangerous removable storage devices away. Companies can make it so that any personal data for customers is impossible to store on external devices, and avoid potential exploit kits that might be stored on them.
  7. When sharing any sensitive information internally, utilize full disk protection and securely encrypt all private information that’s located on private servers or any external devices.
  8. Make sure that you aren’t using any applications that are unnecessary and potentially detract from system security.
  9. Create and stick with a data protection policy that provides detailed instructions on how to keep all private information secure from possible threats.
  10. When transitioning to cloud services, organizations should make data encryption a top priority.

How Consumers Can Help

  1. Consumers should create strong passwords that aren’t easy to figure out, avoiding the use of any information that others may know. A good password consists of a complex combination of letters, numbers, punctuation and capitalization to make it more difficult to compromise, but consumers should create one that’s not difficult for them to recall.
  2. When making purchases with independent sellers on eBay or other online outlets, consumers should stick with PayPal or credit card payments in order to avoid scams.
  3. Consumers should always look carefully through emails before clicking on links or opening attachments. If they are from people with whom they’ve had no previous contact, or if the email doesn’t include enough detail to appear legitimate, it could be an email intended to phish personal information or infect computer systems with malware.

As network technology continues to develop, so does that of crooks looking to steal personal information. This is why both businesses and consumers need to put in more effort in securing data.

Five Ways Session Border Controllers Keep Businesses Safe

With reports in the news of high-profile hack attacks against major corporations like Sony, many businesses are wisely looking at their own defenses and asking “Are we vulnerable?” By and large, the answer is probably “Yes.”

The state-of-the-art hacking and intrusion techniques currently in use are generally effective well beyond the usual security measures installed by businesses. Firewalls are typically only installed near the access level, well inside the network, leaving the network border just as open as an unprotected physical border between nations.

Like national borders, proactive measures at the network border are far more effective than tracking intrusions after they’ve occurred. This is a key reason Enterprise Session Border Control (SBC or eSBC) is quickly becoming a necessity. The combination of smart, proactive Intrusion Prevention Systems and firewalls along a network border delivers more robust internal security.

Five Reasons eSBC Is A Necessity For Modern Business Security

#1. Distributed Denial-of-Service Prevention

Distributed Denial-of-Service (DDoS) attacks are among the biggest fears in modern corporate security. The attacks are easy for hackers to launch, and currently there are no security systems which can entirely defeat a large DDoS attack.

That said, large-scale attacks (involving millions of bots) are generally reserved for high-profile targets. For most smaller businesses, eSBC will provide adequate warning and protection against smaller attacks.

#2. Voice over Internet Protocol (VoIP) Traffic Control

Internet traffic management, a standard addition to eSBC packages, provides software or hardware control over the number of VoIP connections allowed in and out of a business’ network.  These systems monitor traveling data packets for any sign of malicious activity. Newer DDoS variations target VoIP systems rather than primary servers. eSBC can prevent these types of intrusions as well.

#3. Hidden Topography

Many forms of packet requests used by hackers, such as VoIP transmissions, will send back information about the topography of the network. Similar to bank robbers “casing” a bank before a crime, it is common for hackers to use such techniques to probe a network and map out its structure in preparation for more specific targeted attacks.

eSBC systems can combat network probing by preventing network information from being sent back to attackers. When hackers can’t see the internal network topography, they are likely to pick a more vulnerable target instead of pursuing a full attack.

#4. Toll Fraud Protection

Toll fraud is a niche of system cracking that is dedicated entirely to getting access to a company’s on-site VoIP system and relaying calls through so they are more expensive. The costly charges are passed on to the business. eSBC technology can prevent this by automatically blocking all secondary dial tone sources.
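Toll fraud, like the theft-of-service threat described earlier as often happening outside business hours, tends to show up in call detail records (CDRs) before it shows up on the bill. The following is an added example, not code from the original post or from any eSBC product; the CDR layout, office hours, home country prefix and alert threshold are all assumptions, and the records are constructed.

```python
import csv
from collections import defaultdict
from datetime import datetime
from io import StringIO

BUSINESS_START, BUSINESS_END = 8, 18   # assumed office hours (local time)
HOME_PREFIX = "+1"                     # assumed home country code
MAX_OFF_HOURS_INTL_SECONDS = 600       # assumed per-extension, per-day limit

# Constructed CDRs: start time, extension, dialed number, duration (seconds)
SAMPLE_CDRS = """\
2017-03-06T10:15:00,1001,+12025550123,180
2017-03-06T14:02:00,1002,+442079460000,240
2017-03-07T02:11:00,1003,+12025550199,60
2017-03-08T01:05:00,1004,+882990000001,900
2017-03-08T01:21:00,1004,+882990000002,1200
2017-03-08T01:43:00,1004,+882990000003,1500
2017-03-11T13:00:00,1002,+442079460000,300
"""


def is_after_hours(ts):
    """True on weekends or outside the assumed office hours."""
    return ts.weekday() >= 5 or not (BUSINESS_START <= ts.hour < BUSINESS_END)


def flag_toll_fraud(cdr_text):
    """Return (extension, day, seconds) for each extension whose off-hours
    international talk time on one day exceeds the threshold."""
    totals = defaultdict(int)
    for row in csv.reader(StringIO(cdr_text)):
        if not row:
            continue  # tolerate blank lines in an export
        start, ext, dialed, secs = row
        ts = datetime.fromisoformat(start)
        if is_after_hours(ts) and not dialed.startswith(HOME_PREFIX):
            totals[(ext, ts.date())] += int(secs)
    return sorted(
        (ext, str(day), secs)
        for (ext, day), secs in totals.items()
        if secs > MAX_OFF_HOURS_INTL_SECONDS
    )


if __name__ == "__main__":
    for ext, day, secs in flag_toll_fraud(SAMPLE_CDRS):
        print(f"extension {ext}: {secs}s of off-hours international calls on {day}")
```

Domestic calls at night and a single short weekend call stay below the threshold, so only the burst from extension 1004 is reported.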

#5. Session Initiation Protocol (SIP) Encryption Services

SIP, a technology used to negotiate VoIP sessions, is also a vulnerable part of a business network. Most SIP packets are in plain text, making them easy to intercept, exploit, or mimic. eSBCs use Secure Realtime Protocol with encrypted handshakes to remove this weak point in system defenses.
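To see what reasons #3 and #5 mean in practice, the added example below (not from the original post or any vendor's product) audits one outbound SIP message for internal addresses and unencrypted transport. The INVITE is constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed SIP INVITE as it might leave a network with no border control
SAMPLE_INVITE = (
    "INVITE sip:bob@example.net SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 10.20.1.15:5060;branch=z9hG4bK776asdhds\r\n"
    "Via: SIP/2.0/UDP 192.168.40.7:5060;branch=z9hG4bK4b43c2ff8\r\n"
    "From: <sip:alice@example.com>;tag=1928301774\r\n"
    "To: <sip:bob@example.net>\r\n"
    "Call-ID: a84b4c76e66710@pbx01.corp.example.com\r\n"
    "CSeq: 314159 INVITE\r\n"
    "Contact: <sip:alice@192.168.40.7:5060>\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=alice 2890844526 2890844526 IN IP4 192.168.40.7\r\n"
    "c=IN IP4 192.168.40.7\r\n"
    "m=audio 49170 RTP/AVP 0\r\n"
)

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def private_ips(text):
    """Return the private-range IPv4 addresses that appear in text."""
    found = []
    for candidate in IPV4.findall(text):
        try:
            if ipaddress.ip_address(candidate).is_private:
                found.append(candidate)
        except ValueError:
            pass  # looked like an address but is not a valid one
    return found


def audit_sip(message):
    """Report internal addresses and plaintext transport in one SIP message."""
    head, _, body = message.partition("\r\n\r\n")
    leaks, transports, media = [], [], []
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        name = name.strip()
        leaks += [(name, ip) for ip in private_ips(value)]
        if name.lower() == "via":
            m = re.match(r"\s*SIP/2\.0/(\w+)", value)
            if m:
                transports.append(m.group(1).upper())
    for line in body.split("\r\n"):
        if line[:2] in ("o=", "c="):             # SDP origin / connection
            leaks += [("SDP " + line[:2], ip) for ip in private_ips(line)]
        elif line.startswith("m="):
            media.append(line.split()[2])        # media transport profile
    return {
        "leaks": leaks,
        "signalling_encrypted": bool(transports)
        and all(t == "TLS" for t in transports),
        "media_encrypted": bool(media) and all("SAVP" in p for p in media),
    }


if __name__ == "__main__":
    print(audit_sip(SAMPLE_INVITE))
```

Every address in the `leaks` list is something an outside observer could read from this one message, which is the information a border controller's topology hiding is meant to rewrite.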

The Year Of Computer Security

A power imbalance in computer security, tilted heavily in favor of hackers, currently exists. The year 2015 is likely to be one that separates companies that are serious about security from those who are not. It is very likely that a network-reliant company without Enterprise Border Security will be among those companies that are open to attack.

Cloud Security: It’s Actually Real!

Breaches in data security can be scary. Surprisingly, compromised information doesn’t just pertain to consumer transactions (like the recent one at Target); it can involve sensitive patient information and other private data that’s supposed to be protected from criminal activity.

As these trespasses have occurred in the cloud, it has contributed to the misconception that somehow storing information in the cloud is risky. People erroneously believe that the cloud lacks “real” security. If the cloud were secure, the fact that at least 90% of healthcare organizations have had exposed or stolen patient information wouldn’t exist, right?

Wrong. Often these types of security breaches initiate from internal devices that distribute malware among other devices because they lack intrusion detection and prevention systems (IDPS). In other words, the security breaches happened because internal controls were lacking after the initial perimeter was penetrated.

Understanding Cloud Security

The public cloud is basically just storage, data and program execution through a data center that isn’t owned by the user. Options like NaviSite or RapidScale allow businesses to upload their data to a center that offers incredible scalability and accessibility.

But these providers also specialize in data security. In fact, they have the tools and security protocols in place to repel the constant bombardment of viruses, hackers, and other cyber-attacks.

Imagine a massive treasure vault. All those precious items located inside twenty feet of solid steel and concrete walls. But when a thief finally digs through the wall, he realizes that another, thicker wall is located behind the first. If he gets through that one, he discovers that another wall protects the treasure, and so on, and so on. This is how cloud security works.

Misconceptions

Yet, many business owners still feel that their data is somehow safer when it’s housed on their premises. That somehow having possession of a physical data center for storing information is more secure than utilizing a reliable cloud service provider.

Consider the previous ‘vault’ comparison. If inadequate IDPS is involved, the business is actually at greater risk to theft because once the first wall has been breached, the treasure is gone—metaphorically speaking, of course. But literally, if a business operates with a single firewall, that’s exactly what can happen.

Using a reputable cloud data center to store information is often superior to physical locations because of the services provided. Basically, once information gets connected to the Internet, having the data center close at hand really doesn’t matter. Having an expert staff who knows the latest and best cyber-security protocols, and who can react swiftly and ruthlessly to any threats is the best defense.

What’s Next?

Will any and all providers offer the same cloud protections and solutions? Of course not. But what a reputable service provider does offer is layers of firewall defenses and a professional staff who are attuned to virtual security and specialize in protecting information.

As technology advances, so will cyber crime. But business owners don’t have to be timid about cloud data centers; they just need a strategy. And just like every aspect of business, if the service is confusing or unknown, talk to an expert to find out more.