Cybercrime trends - what are you seeing?

At this time of year, small business owners and IT managers need to safeguard their data by taking additional precautions against the ever-evolving cybercrimes. Cybersecurity threats can come in many forms - from malicious software programs to phishing attacks - making it more critical than ever to ensure that your organization's networks and systems are secure.

The most critical cyber security best practice is to update all software regularly with the latest patches and updates. This will ensure that your system is up-to-date with the latest security measures, reducing the risk of cyber attacks. Additionally, it is a good idea to limit access to sensitive areas of your network by implementing robust user authentication and access control procedures. This will help to prevent unauthorized users from accessing confidential data.

Moreover, it is essential to remain alert and take steps to protect against phishing attacks. These cybercrimes involve using malicious emails or other messages to solicit sensitive information such as passwords and credit card details. To prevent these types of cyber attacks, verifying the legitimacy of any messages before clicking on links or downloading attachments is important.

Finally, it is also essential to back up all data regularly to protect against data loss if a cyber attack occurs. This will help ensure that your organization can continue its operations and prevent data breaches from occurring.

I agree with Judith, one of the most common things I see in the Help Desk is phishing attacks from links clicked on websites usually acting like "Microsoft tech support" One of the things i tell my clients is if the message has a phone number to call it is almost always a scam

Some of the tools that I find most helpful are spam/virus filter and dns filtering.  My end users don't particularly like it, but we block all websites other than those that are necessary.  Even if a phising email were to get through, when they click the link it would not go anywhere.  It was a lot of IT overhead in the beginning to get all of the necessary sites on the whitelist, but now it helps me to sleep at night.  

An employee just told me she got a call from the US Marshals saying there was a warrant for her arrest due to a package containing drugs in her name.

I think a good starting point is to assume the internet is still the wild west and your information is probably out there somewhere.

need to be more aware and act firmer on violations

One of the best tools is Content Filtering.  Limiting websites that employees can access prevents going to websites that are harmful and also websites that waste time.

One of the more insidious threats currently, is the full encryption of a hard drive, holding all the data hostage.

The criminals doing this target cities, hospitals, government agencies, businesses, and individuals.

NPR had excellent coverage on this a few months ago, interviewing a mother and daughter who this impacted.

The daughter ended up paying a ransom for the data, via a single ATM that took crypto coin, at a location in NYC.

The best way to avoid this risk, is have separate and multiple backups of your data. Also backup frequently, so that the loss if it occurs is in hours, not days or worse.

My personal goal is to be able to take a "bare metal" (nothing on it at all) system, and have the operating system, and my processes back to "business as usual" within 2 hours.

Once you think you have this process it place, then actually test it! You might find you think you have a working back up, when in actuality there is an error in the process somewhere.

Overview:

1. Multiple backups

2. Restoration process in place

3. Test actual process as if a real emergency occurred

Jason Jackson your statements on backup are correct, but only half the story.  Most of the ransomware is of the double extortion variety.  Before they encrypt your hard drive them upload the data to their server.  Even if you can restore all of your data they still have a copy that can be used to extort you.. 

It's always password security that is what fails.

Actually it is more social engineering anymore.  People will get an email from the "IRS" or  tracking info from "Fedex" and think that it is real.  They click the link and their computer phones home to download the malware that does all of the work.