By Shawn Freeman
Gone are the days when cyber criminals were just pimpled teenagers discovering Napster’s power to expand their MP3 libraries. In 2017, cybercrime is reaching a level of maturity and sophistication that rivals established corporations, likely with customer service that surpasses them.
In my role as founder of an IT services company, I've seen the devastation firsthand. Criminals are going corporate, monetizing and ransoming any property they can acquire. Thus, businesses must become more vigilant lest they become victims to the real-world Bond movie playing out within their servers.
An Online Hostage Crisis
Ransomware is an increasingly prevalent business scheme for criminals, with more and more digitally stored information susceptible to theft. From financial documents integrally tied to a corporation’s success to photos from a recent family vacation, bytes have value — some might even be considered priceless.
While consumer credit card numbers can probably find a buyer, family photos have a sentimental value and aren’t likely to attract much attention on the dark web. Instead, hackers take control of your hard drive's contents and hold the files ransom. If the information isn’t backed up somewhere they can’t access, the victim has no choice but to pay the sum demanded for the return of his data.
In Calgary University's case, the sum was $20,000. Hackers accessed the school’s computer system, cutting off Wi-Fi and email services. When the IT department was unable to restore services, it had no choice but to pay up.
Unfortunately, paying is often just the beginning. After all, acquiescing to thieves requires victims to trust that criminals keep their end of the bargain instead of demanding more. Experts warn that paying identifies an individual or institution as a good target for future attacks. Whereas accepting the loss — however painful — might prompt hackers to look for more lucrative targets.
The Price of the IoT
In some cases, hackers aren’t after valuable data but instead appear driven to disrupt internet traffic. Such an attack recently occurred on an unprecedented scale, when a distributed denial-of-service attack hit Dyn, a company that controls a large portion of internet infrastructure. Typically, DDoS attacks cause computers to simultaneously bombard servers with traffic, overloading them and shutting them down. This attack was unique in that it used the Mirai botnet, which is made up of Internet of Things devices such as Wi-Fi-capable digital cameras and DVRs.
As more devices gain internet connectivity, security falls by the wayside. No one worries that his refrigerator might be hacked or that his toothbrush needs password protection, so hackers can easily recruit these machines. But when amassed on a large enough scale, they can be exploited to cause damage and inconvenience — like the Dyn attack, which disabled news, communication and entertainment channels across much of the U.S. and Europe.
The Best Defense
Developers generate 111 billion lines of code each year, inevitably containing billions of vulnerabilities waiting to be exploited. Fortunately, small businesses can take steps to avoid becoming the next attack victim, whether the hacker’s goal is information theft, server overloading or ransom demands.
- Beef up your backup. Cyber security company Symantec highlighted a 300 percent increase in cyber attacks on small businesses from 2012 to 2013. One major reason for this shift has been small companies’ overreliance on cloud-based services to protect their data. While the cloud is certainly convenient, these servers often have lax security that is easy to bypass or hack. Regularly backing up important information helps avoid ransomware attacks, but it sometimes isn’t enough. Our backup system has both on-site and off-site copies, as well as six months of history and versions. When budget allows, we even set up replication to a cloud provider such as Microsoft Azure — that way, employees can return to work even quicker.
- Cinch your security. Along with cloud security, cybercriminals often target small businesses with the assumption that they can’t afford sufficient security measures. Startups must subvert expectations by securing every device on their networks with antivirus and anti-malware. Webroot and Malwarebytes are both excellent programs we've recommended to friends and clients, but it’s up to individuals to ensure that no devices lack protection.
- Track your traffic. The San Francisco Municipal Transit Agency recently experienced an attack that locked more than 2,000 systems with ransomware. Experts posit that the infection spread autonomously via a self-propagating worm — one the city’s defense infrastructure failed to detect. In these situations, a high-grade defense system can track and prevent malicious programs from slipping through the cracks. We've used Cisco Meraki as an excellent line of defense for small to medium-sized businesses, checking all traffic that enters the network for viruses and malware to further mitigate potential risks. Ubiquiti is another viable option on the cheaper end — though its shelf life suffers as a result.
- Educate your employees. Alliances are emerging that offer decryption solutions for data held ransom. No More Ransom is one such project, and it aims to educate people about preventive measures they should take to keep themselves and their data safe. Training is an important part of securing a business that often goes overlooked. We've started recommending tools like KnowBe4 to provide security awareness training to our clients' staffs. It allows IT administrators to send test phishing and virus emails to see whether staff will fall for them, then it sends them to a page explaining warning signs to look out for. This helps cultivate a mindset that identifies security as a priority instead of an inconvenience.
As cybercrime becomes increasingly sophisticated, the number of cases of ransomware and extortion will also increase, putting huge networks of machines at risk. After all, the internet isn’t going anywhere, which means cybercrime isn’t either. Businesses of every size must do what they can to protect against this increasingly sophisticated threat.
--
Shawn Freeman is revolutionizing the IT services model as the founder of Calgary-based TWT Group.