See a list of some of the most successful hacks.
One of the first places an attacker that looks to gain physical access to your IT assets is where you may store your backup media. If you store your backup data on premise, you should be securing the media in a fireproof, waterproof tamper resistant safe. Since the intruder probably is not familiar with your office layout and may not want to take the time to break into secure offices, they will look for your conference room. Conference rooms are usually equipped with data drops that are part of your local area network. You should consider putting those drops on your guest network with restricted access to your critical database assets.
1 – DO NOT use an email link to reach a website. If you know the web site address manually enter it to reach the site.
2 – DO NOT click on any email link or attachment unless you are ABSOLUTELY sure you recognize the sender.
3 – If you are going to shop on line only use sites that begin with HTTPS.
4 – THINK BEFORE YOU CLICK !
The MS-ISAC has seen an increase in cyber threat actors sending phishing emails to K-12 public education employees for the purposes of obtaining account login information. In these incidents, this information is then typically used to modify the employees’ direct deposit account information. By changing this information, the cyber threat actors reroute the employees’ paychecks to a financial account under the actors’ control. No specific payroll platforms are being targeted, as reports indicate the victims have used various platforms for payroll functionality.
Only 2 percent of the small-business owners surveyed in a recent CNBC/SurveyMonkey Small Business Survey said they view the threat of a cyberattack as the most critical issue they face. The survey, conducted in April, gathered the findings from more than 2,000 small-business owners across the country in a variety of industries. That very lack of focus makes small businesses a lot more vulnerable.
It’s because you’re the little guy that you’re of interest,” says Hemu Nigam, founder of SSP Blue, an internet security consultant business, and the former vice president of internet enforcement at the Motion Picture Association of America. “Hackers love small businesses [because] they don’t have the resources to put in high-end cybersecurity protection and they may not be consciously aware they are a target.”
Having a data backup plan just isn’t enough.
“It’s a false sense of security,” says Christopher Roach, national IT practice leader and managing director for CBIZ Risk & Advisory Services. “Yeah, they may be better at managing security, but you have to have the infrastructure set up properly, and there’s a lot of setting on the end user or client side that have to be administered to maintain a level of security. A lot of small businesses don’t get into that level of detail.”
Finally, while several prominent large corporations have withstood major hacking incidents, the story doesn’t always end as well for small businesses. When customer data or credit card information is stolen, it can break the circle of trust (and there are often other locally owned competitors). Beyond that, the financial costs of recovery are often beyond what a small-business owner can handle.
Small business IS NOT IMMUNE to cyber-attacks. Consult with a professional and get a thorough Cyber Threat Assessment. Get recommendations to remediate vulnerabilities in your current setup and make a solid plan.
It’s not a matter of IF – It’s a matter of WHEN.