It seems every week there is news of yet another business falling victim to a cyber-attack. You might find yourself asking “why would I need to know about cyber-attacks, my IT support handle that?”

Business leaders need to understand the severity, makeup and mitigation methods of cyber-attacks so you can ask your managed service provider if they are protecting your business from cyber threats.

Phishing Attacks

Phishing is one of the most common cyber-security breach scenarios to take place. Phishing attacks come in the form of an email landing in the victim’s inbox, appearing to be from a genuine sender but sent by a hacker. These emails will attach a link, file, or attempt to get the victim to provide them sensitive information, such as card details, over email. There are technological and user-training mitigation methods to circumvent a phishing attack.

A cyber-aware IT support provider will be able to advise you on their options for phishing mitigation. These options can include:

• Providing security awareness training across your business. This will involve sending dummy phishing emails to the business with giveaways to their nature for the users to pick out. Often the tests will not be communicated to the business to get a true response from the users. The results of such a test are recorded, and further training can be provided to the users that fell victim to the test. It is important to also provide training to those that were vigilant to the emails to sure up their detective skills.
• Implementation of SPF authentication. SPF stands for Sender Policy Framework. SPF is used to properly authenticate sender addresses and their messages to detect forgery during the email delivery process. SPF is a technical but simple protection method to install and your IT provider should be able to configure an SPF authentication method on your business emails.
• Multi-factor Authentication (MFA.) MFA seems to be everywhere these days. It feels like it won’t be long before our front door keys will require an MFA code to allow us into our homes. As much of an inconvenience MFA is to us in our day-to-day it could prove to be the only barrier stopping your account from being compromised in a phishing attack. Let’s say that despite all the training and all the technical barriers a malicious email gets through and you or one of your colleagues falls for a phishing attack… happens to the best of us. So the hacker now has login details or bank details. One thing they don’t have is your ever-changing authentication code. This will prevent your accounts from being compromised and allow you time to change your password or contact the bank to lock out any criminals.

Malware

Malware is an umbrella term for any kind of malicious software. Malware is used to gain unauthorised access to a system or the network the machine is on. Once the malware has an in it will provide a backdoor for the hackers to steal and or damage data on the network or machine.

It is common for malware to enter a business via email. Hackers sending malware can fire the malicious package to a whole directory of email addresses or they can target their messages to one address in a business.

Often a targeted attack is focused on a senior member of staff, CEO, Managing director etc. Another vector that hackers can exploit is personnel with access to sensitive data, think Finance staff, HR. Targeting personnel with a high level of privilege to sensitive information gives the malware the same level of access. Therefore it is very important to keep these harmful programs out.

Malware is one of the greatest threats to a business. Your business must be protected from malware. It might be easy to fall into compliancy believing your IT Service provider is on top of your malware defences. While it is common for MSPs to have an anti-virus offering it is important to understand what that is and if it is active on your network.

Ransomware

Ransomware is a type of malicious software that is designed to encapsulate the victim’s data behind a paywall. The files will be encrypted and will only be decrypted when the ransom is paid, though it is common for the files to be lost even after the ransom is paid.

The threat of ransomware is ever-growing. Many cyber-security experts estimate that a ransomware attack occurs every 11 seconds. Let's examine an example of ransomware and what can be done by a Managed Service Provider to mitigate and take precautions against the threat of ransomware.

What has happened in the video above is a textbook and regularly occurring event that can cripple if not destroy an SME. While governments and large police organisations work to disable the roots of such programs and their creators, steps must be taken by organisations to protect their businesses from these threats.

Working with a Managed Service Provider they should be able to provide you with an efficient, monitored backup solution for your business. This will protect your business in this situation with it having an up-to-date copy of all your business files you can circumvent the threat of encrypted files by having them copied to a secure location.

I have a backup solution in place, job done?

Not quite. The best course of action is to not need a backup solution. By implementing many of the solutions mentioned earlier in this blog such as security awareness training, SPF authentication, anti-virus and mail filtering you can prevent the ransomware from touching the network, to begin with.

This blog was written by our trusted partner, Concise Technologies. As well as helping you with your Cyber Essentials certification, ​​Concise Technologies provide innovative and cost-effective IT and Telecoms network support and services across Cheshire and the North West.