Even people who are not sports fanatics can understand that a single player does not make an entire winning team. A single star player, regardless of skill and ability, cannot bridge the gap that is created by those players whose performance is inconsistent. A winning season occurs when all players work together, recognizing and utilizing the strengths of each participant. Cybersecurity is no different.
Many organizations, especially small businesses, rely on usernames and passwords as their primary cybersecurity protection. They assume that requiring employees to use strong passwords, and then requiring regular changes to those passwords, is an adequate approach to cyberattack prevention. On the contrary: relying primarily on passwords is not as secure as most of us are led to believe.
The Verizon 2017 Data Breach Investigations Report revealed two major findings that bear directly on this issue. Of the data breaches that were analyzed:
- 75 percent were perpetrated by outsiders (with the exception of healthcare, where 68 percent were internal)
- 81 percent of hacking-related breaches (50 percent of all breaches) leveraged weak or stolen passwords
What does this say about relying on usernames and passwords to secure your network – and why are strong passwords not a solid cybersecurity strategy?
Most people don’t want to remember numerous usernames and passwords for multiple accounts and programs, and many don’t feel confident in their ability to accurately recall that information. Moreover, they dislike having to regularly change passwords on individual accounts and being forced to forget previous passwords in exchange for new ones. To deal with this frustration, they tend to do one of two things (or both):
- Re-use the same usernames and passwords across multiple accounts
- Write down their usernames and passwords, and store them in their workspace (usually in a place that is easy to find, often on their desk or in a top drawer)
The problems with these widespread tendencies are simple:
- Remember, 81 percent of all hacking-related breaches leveraged weak or stolen passwords.
- Repeated passwords used on multiple sites increase the risk of successful breaches on internal company sites. If passwords on personal accounts (online shopping, banking, personal email, social media, etc.) match passwords on company sites (employee login, company email, etc.), hackers who obtain a password from one breach can apply it to other accounts with the same or similar usernames – and many people use the same username format across multiple accounts (e.g., John_Doe or John.Doe).
- This means that any password, no matter how strong it is, becomes more vulnerable the more accounts it is reused on, especially when it is associated with the same (or a similar) username.
- If 75 percent of breaches were perpetrated by outsiders, this means that 25 percent were committed by insiders. Many internal attacks don’t have to target one particular employee’s access; in many cases, accessing one member of a team or department (or even the entire company) is all that is required. Thus, having an employee record usernames and passwords, and store them in an obvious place, makes internal attacks much easier and more likely.
Having a system of employee usernames and passwords is not enough. Passwords, to be at all effective, need to be randomly generated strings of characters, changed frequently, accompanied by two-factor authentication, and protected by additional layers of security, backup and recovery, and monitoring.
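To make the two password controls above concrete (random generation and a rotation policy that actually prevents an old password from coming back), here is an added illustration that is not part of the original thinkCSC post. It uses only the Python standard library: `secrets` for the random generation, and a salted `hashlib.scrypt` hash so that the stored history of previous passwords never holds them in clear text. The `PasswordHistory` class and the `keep=5` history depth are this example's own assumptions, not a description of any particular product.

```python
import hashlib
import secrets
import string
from typing import Dict, List, Optional, Tuple

# Character set for generated passwords: letters, digits and punctuation.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length: int = 20) -> str:
    """Return a random password drawn with a CSPRNG (the `secrets` module).

    Using secrets.choice rather than random.choice matters: `random` is
    predictable and unsuitable for credentials.
    """
    if length < 12:
        raise ValueError("a generated password should be at least 12 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted scrypt hash of a password. Returns (salt, digest).

    A fresh 16-byte salt is generated unless one is supplied (needed when
    re-hashing a candidate to compare against a stored digest).
    """
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(
        password.encode("utf-8"), salt=salt, n=2 ** 14, r=8, p=1, dklen=32
    )
    return salt, digest


class PasswordHistory:
    """Keeps the last `keep` salted hashes per user (hypothetical policy store).

    A user who is "forced to forget" an old password cannot simply cycle back
    to it: the candidate is re-hashed with each stored salt and compared.
    """

    def __init__(self, keep: int = 5) -> None:
        self.keep = keep
        self._history: Dict[str, List[Tuple[bytes, bytes]]] = {}

    def was_used(self, user: str, password: str) -> bool:
        for salt, digest in self._history.get(user, []):
            _, candidate = hash_password(password, salt)
            # Constant-time comparison avoids leaking match position via timing.
            if secrets.compare_digest(candidate, digest):
                return True
        return False

    def record(self, user: str, password: str) -> None:
        entries = self._history.setdefault(user, [])
        entries.append(hash_password(password))
        # Trim to the most recent `keep` entries.
        del entries[:-self.keep]

    def count(self, user: str) -> int:
        return len(self._history.get(user, []))


def accept_new_password(history: PasswordHistory, user: str, password: str) -> bool:
    """Policy check on rotation: reject reuse of any password still in history."""
    if history.was_used(user, password):
        return False
    history.record(user, password)
    return True


if __name__ == "__main__":
    # Constructed walk-through: a user rotates once, then tries the old value again.
    store = PasswordHistory(keep=5)
    first = generate_password()
    print("accepted first:", accept_new_password(store, "john.doe", first))
    print("accepted reuse:", accept_new_password(store, "john.doe", first))
```

The history deliberately stores only salt and digest; if the policy store is ever exposed, the previous passwords (which, per the post, are often still in use on the employee's personal accounts) are not disclosed with it.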
thinkCSC is here to help ensure your cybersecurity systems are strong and vibrant, to assist you in your preparation for and response to cyberattacks. Together, we can avoid the mistakes that are common among so many businesses and organizations, in the end becoming as secure as possible in today’s technological world.
While thinkCSC believes that employees will always be the first line of defense against ransomware attacks, the only real solution is for leaders of all organizations – businesses of all sizes, government entities, schools, hospitals, and others – to invest in stronger IT security that includes offsite backup and recovery and managed security. These protections, combined with ongoing staff training, strict security policies, and constant vigilance, are an absolute necessity in today’s cyber-environment.
For new customers interested in information on obtaining our services, please contact us at firstname.lastname@example.org
Ransomware is a vicious form of malware that locks users out of their systems, forcing them to pay an often exorbitant fee to regain control of their data. Some ransomware, like CryptoLocker, actually encrypts files so that they cannot be accessed without paying the ransom. Even then, paying the ransom does not guarantee that you will regain access to your data. The only reliable solution is to prevent the attacks whenever possible. Without the right security in place, it is very easy to fall victim to ransomware, and recovering from such an attack can be costly.
Common Sense Steps to Deter Ransomware
If anyone in your company has already been infected by ransomware, immediately disable system restore and run an anti-malware detection scan to remove ransomware files. To prevent ransomware from gaining access to your data and impacting your business, be sure to:
- Back up files regularly
- Install patches and security updates immediately when they are available
- Scan systems regularly for malware detection and removal
- Implement strong email security, antivirus, and firewall protection
Avoid Ransomware with Smarter Security Measures
Ransomware attacks can be avoided with carefully layered detection and security protocols that make it very difficult for hackers to break in. Organizations must also be cautious about where and how data is stored and accessed. Running files from desktops, USB sticks, or external drives can leave you without a safety net. We recommend the use of enterprise file sync software like SyncedTool, from which files can be accessed and used. Alternatively, organizations can operate using hosted desktops where the file data is stored offsite and protected with BDR (backup and disaster recovery). In either case, if there is an attack, your managed services provider can perform a mass revision restore to the point in time before the ransomware encrypted the files.
Don’t Ignore the Need to Educate Staff about Ransomware
It is imperative that you train your staff to be alert when opening attachments in emails. Take extra precaution when working with email links and attachments. There are three fundamental questions you should ask yourself before opening any message:
- Do I know the person who sent me this message?
- Am I confident that I know the nature of the attachment or link?
- Am I expecting this attachment or link, or is this an attachment or link that I regularly receive from this person?
If you can’t answer all of those questions in the affirmative, then it’s best to err on the side of caution and reach out to the person via phone or follow-up email to confirm the nature of the message.
At thinkCSC, we take your security seriously, so please take a moment to review our email guidelines with your staff. We regularly receive reports of spoofed emails that appear to be internal communications and may contain attachments or links that deliver malware or ransomware. Don’t let an innocent click of the mouse leave your organization in shambles. Be proactive and take steps to protect your company today. To learn more about having the right layers of security in place to protect your organization from these vicious attacks, contact thinkCSC.