5 Tips to Keep Your Mobile Workforce Safe and Secure

The American workforce has seen its fair share of paradigm shifts — globalization, the internet, and the introduction of cargo shorts and sandals in the workplace to name a few.

The latest in labor initiatives has been the adoption of remote working. The spread of laptops and Wi-Fi has led enterprises to begin sourcing their employees from, well, anywhere. In fact, 50 percent of the US workforce is now permitted to work remotely during the work week, according to Global Workplace Analytics’ 2016 study.

The initiative is a win-win in many cases, as a corporation does not have to pay for office space and the amenities that come with it. It’s no surprise that the workforce has responded positively to the change as well. Young parents can spend more time with their family, and the lack of a commute adds almost an entire hour back into the average employee’s day.

While modern-day mobility and BYOD (bring your own device) opportunities present substantial productivity boosts, they also increase complexity and the opportunity for security threats. Technologies such as Data Loss Prevention, encryption, and monitoring services will help organizations limit their security exposure, but they cannot prevent everything.

With this great new opportunity to work from anywhere comes an even greater responsibility for the employee. A personal laptop accessing corporate files on a public network can be catastrophic.

If you’re hiring or plan to hire remote staff for your organization, be sure they receive these five tips before they start:

1) Back Up Everything

Whether it’s in the cloud or on an external hard drive, backing up everything you work on can save a ton of time and stress if an attack were to happen. Keeping backed-up data will allow you to access exactly what you were working on prior to the attack.

2) Be Cautious of Public Wi-Fi

Free Wi-Fi access, whether it’s in coffee shops, airport lounges, or hotels, is a huge benefit to remote working. Unfortunately, these networks are also vulnerable to security issues. To avoid issues, ask about your host’s security protocol before connecting, skip any unencrypted Wi-Fi networks, and avoid logging in to corporate accounts or viewing sensitive data when connected to public networks. Briefly using a personal hotspot via cell phone is a great alternative when necessary.

3) Update Operating Systems

Think of operating system updates as a vaccine for an immune system: keep your computer’s operating system as up to date as possible. Security updates will often come standard with a new OS. Like a vaccine, they’re proactive (not reactive, like an antidote) in protecting you from the latest threats.

4) Disable Bluetooth Connectivity

An “idle mode” Bluetooth connection can present security problems as well. If your Bluetooth is left on, nearby assailants can connect to your phone and potentially hack into your device. Make sure Bluetooth is disabled on your phone and laptop while traveling, particularly abroad.

5) Always keep your computer in your line of sight

This should go without saying, but many people ‘trust their neighbors’ in public spaces to monitor their device while they step out for a call. This poses two very malicious threats: 1. Your entire workstation could be stolen, or 2. Your computer could be bugged using software installed via USB. In both cases, data is almost always completely compromised and the outcome is disastrous.

The bottom line for hiring a remote workforce is that their laptop should be your priority, especially if it’s their personal one. Think of your organization’s cyber safety as a whole: if even one employee is susceptible to exploitation, the whole organization could tumble. In addition, keeping your employees safe and secure will establish your commitment to security, holding them to a higher standard and keeping your enterprise secure.

Contact JDL Group today for a security assessment of your remote workforce.


Defining the Eight Most Nefarious Cyber Threats.

Here’s what every business professional should be informed about:

1. Data breaches

A data breach is a security incident in which protected or confidential data is copied, distributed, read, stolen, or used by unauthorized individuals, and it can become a serious problem for the victims involved. The majority of data breaches happen due to vulnerable unstructured data such as files, documents, and sensitive information. A bad security process, or lack thereof, can leave businesses exposed.

The data can be any kind of information, including health information, financial information, personally identifiable information, trade secrets, and intellectual property. The risk of data breach is not exclusive to cloud computing, but it invariably ranks as a top concern for cloud customers. 

2. Bots

There are many different kinds of bots. These include website crawlers, spam bots, chat room bots and other dangerous bots. They run as automated programs on the Internet. It’s estimated that one in three visits to any website is a malicious bot. It may have been designed to search your interface for security flaws.

Bots perform many tasks, such as stealing user credit card information and distributing malware links. Online cybercriminals use viruses to breach the security of computers. They can take over your computer and combine all of the compromised machines into a network of ‘bots’ that can be remotely managed.

3. Insufficient identity, credential, and access management

Data breaches and attacks can happen because of a lack of scalable identity access management systems, failure to use proper authentication, weak passwords, and not updating passwords and certificates.

Credentials and cryptographic keys must not be embedded in source code or distributed via public-facing storage like GitHub, where there is a high incidence of problems. Keys need to be appropriately secured, and a well-secured public key infrastructure (PKI) is needed to ensure key-management activities are carried out.

4. Unsafe interfaces & application programming interfaces (APIs)

APIs are a system of tools and resources in an operating system, enabling developers to create software applications. Cloud providers expose a set of software user interfaces (UIs) or APIs that customers use to manage and interact with cloud services. Provisioning, management, and monitoring are all performed with these interfaces, and the security and availability of general cloud services depend on the security of APIs, CSA says. They need to be designed to protect against accidental and malicious attempts to circumvent policy.

5. System vulnerabilities

This cyber-security term refers to an inadequacy in a system that can leave it open to attack. Vulnerability may also refer to any type of weakness in a computer system itself, in a process, or in anything that leaves your security exposed to a threat. This may attract attackers who will steal data by taking control of the system or disrupting service operations. With the advent of multi-tenancy in the cloud, systems from various organizations are placed close to each other and given access to shared memory and resources, creating a new attack surface.

6. Account hijacking

Account hijacking is a process in which an individual’s or organization’s account is stolen or hijacked by an attacker. Cloud account hijacking is a common strategy in identity theft. The assailant uses the stolen account information to engage in malevolent and/or unauthorized activity.

They can eavesdrop on activities and transactions, mess with your data, return misleading information and redirect clients to illegitimate sites. With your stolen data, attackers can often access key areas of cloud computing services. This enables them to compromise the privacy, integrity, and availability of those services.

7. Bogus Social Media

Bogus social media pages and accounts are created to mirror actual people or businesses. The idea is to target your network, including your employees and their devices. The goal is to get to your private information through the sharing of disruptive malware links. These appear harmless, like links to coupons, photos, or websites that may pique your curiosity and encourage you to click.

There are also many phishing scams, or fraudulent messages that lure people to divulge their private information via social media. Credit card numbers and passwords are particularly at risk, and when infiltrated this can be detrimental to your important software, and more!

8. Denial of Service Attacks

In this instance the perpetrator wants to make a computer or network unavailable to its intended users. This is achieved by temporarily (or permanently) altering services of a host connected to the Internet.

Most websites are designed to accommodate a certain level of web traffic, much in the same way roads are created for a certain volume of vehicles at one time. With denial of service (DoS) attacks, cyber criminals flood your site with an extortionate amount of traffic. This in turn effectively slows everything down and may collapse the web page. DoS attacks are serious business. They make you lose valuable time and resources trying to resolve the issue.

Contact The JDL Group for pragmatic solutions to cyber threats.

 


Failing the Phish Test

Phish testing your employees is a vital part of any security awareness program. It seems logical that by exposing employees to phishing and helping them identify tactics, the chance of anyone in your organization being phished lessens. But does it?

When employees who failed phish tests are called out, made to feel poorly, or singled out in a group, the exact opposite can happen.

End users are the largest, most vulnerable target in most organizations. In real-world attacks, end users are relentlessly bombarded with spear-phishing and socially engineered schemes.

As the champion of your organization’s cyber security, it is imperative that you use these tests as teachable moments to educate and encourage your end users.

Use Failure as a Teachable Moment.

Look at the failure of phish testing in a different light: you’ve identified a weakness in your security that can now be remedied.

Effective Phish Testing Checklist

Every phish test should follow some basic tenets in order to educate users:

  1. The links in a phish test campaign should go directly to a site with immediate education.
  2. Do not call out or embarrass users who fail the test. Public shaming results in decreased threat reporting.
  3. Do not tie user responses to employee evaluation testing. Doing so can create resentment towards security, which is not good for the organization.
  4. Offer encouragement and education by directing users to additional training. This can be optional or required depending on how many times the user has failed.
  5. Provide additional written materials such as articles and information from other sources.
  6. Reward people who report incidents. This can be as simple as kudos in the company newsletter or even prizes and contests. Make sure that your organization’s culture gives positive support to employees who report incidents.

Protecting Your Network 

JDL Group can help you put in place the right cyber security measures for you and your organization. If you want to learn more about protecting yourself and your employees from phishing campaigns check out our free anti-phishing toolkit.  

References: 

https://www.infosecurity-magazine.com/next-gen-infosec/reward-flag-phish-highlight-failed/

https://www.sophos.com/en-us/products/phish-threat.aspx

 


 

New Phishing Campaigns are Targeting World Cup Fans 

Two new phishing campaigns have emerged in recent weeks due to the start of the 2018 FIFA World Cup. Bad actors are targeting fans of the hugely popular World Cup and one of its long-time partners and sponsors, Adidas. One campaign disguises itself as an interactive World Cup schedule that tracks game results in real time, while the other falsely promises a free $50-per-month subscription for new Adidas sneakers. 

A World Cup Phishing Campaign 

First identified on May 30 by the security firm Check Point, this phishing campaign peaked around June 5 and has since begun to re-appear now that the World Cup games have started. The campaign utilizes a well-known type of malware called ‘Downloader Guide’, typically used to deliver PUPs, adware, and toolbars.

Emails with the subject line: “World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager” invite recipients to download an attachment that supposedly contains an interactive World Cup schedule. Researchers found 9 different malicious executable files embedded within the attachment. 

Adidas Fans Beware 

The other phishing campaign is targeting Adidas fans using a trick that is common nowadays among hackers: masquerading as a legitimate company or brand by creating a link that appears to be from an accredited website. These emails deceptively appear to be from Adidas and contain a link using a vertical line instead of the “i” in Adidas. Prospective victims are encouraged to click the link to receive a free $50-per-month subscription towards Adidas shoes.

Why the World Cup? 

Cyber criminals love to launch malicious campaigns around big sporting events because they garner huge amounts of popular interest, and it doesn’t get much bigger on a global scale than the World Cup.  

Hackers are hoping to capitalize on sports fans’ excitement and catch end-users with their guards down. In fact, it’s not just phishing campaigns; various fake and malicious websites, giveaways, and tickets have been reported in connection to the World Cup. 

How to Protect Yourself From Online Phishing Schemes 

Phishing attacks are becoming more and more sophisticated, so it is important to implement several layers of protection. On an individual basis, always ensure software is updated, keep an eye out for suspicious emails, and never click a link if you have even the tiniest doubt regarding its validity.  

From an organizational standpoint, companies should put in place automated email security controls that can stop malicious emails from ever reaching employees’ inboxes. Multi-layered security strategies can also mitigate the damage done by a phishing attack if the initial campaign successfully infiltrates your network. 
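The lookalike link described above (a vertical line standing in for the “i” in Adidas) is one thing an automated email control can check for. The Python below is an added example, not code from the original article or from any vendor; the allowlist, the character-folding table, and the `.example` hostnames in the sample message are constructed assumptions.

```python
import re
import unicodedata
from urllib.parse import urlsplit

# Assumed allowlist: brand name -> domains the organization treats as genuine.
TRUSTED = {"adidas": {"adidas.com"}}

# Characters that render like a vertical stroke, or like common Latin letters,
# fold to one representative so that look-alike spellings collide.
FOLD = str.maketrans({
    "i": "l", "1": "l", "|": "l",
    "\u0131": "l",   # dotless i
    "\u01c0": "l",   # Latin letter dental click, drawn as a vertical bar
    "\u0456": "l",   # Cyrillic i
    "0": "o", "\u043e": "o",   # digit zero, Cyrillic o
    "\u0430": "a",   # Cyrillic a
    "\u0435": "e",   # Cyrillic e
})

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def decode_label(label):
    """Turn a punycode ('xn--') label back into Unicode; leave others alone."""
    if label.startswith("xn--"):
        try:
            return label.encode("ascii").decode("idna")
        except UnicodeError:
            return label
    return label


def skeleton(label):
    """Strip accents and fold confusable characters to a comparison form."""
    decomposed = unicodedata.normalize("NFKD", label.lower())
    stripped = "".join(c for c in decomposed if not unicodedata.combining(c))
    return stripped.translate(FOLD)


def classify_host(host):
    """Return (verdict, brand) for one hostname."""
    host = host.lower().rstrip(".")
    for brand, domains in TRUSTED.items():
        if any(host == d or host.endswith("." + d) for d in domains):
            return ("trusted", brand)
    labels = [decode_label(part) for part in host.split(".")]
    for brand in TRUSTED:
        target = skeleton(brand)
        for label in labels:
            if skeleton(label) == target:
                # Same shape as the brand, but not on an allowlisted domain.
                if label == brand:
                    return ("brand-on-untrusted-domain", brand)
                return ("lookalike", brand)
    return ("unrelated", None)


def scan_email(body):
    """List (host, verdict, brand) for every suspicious link in a message."""
    findings = []
    for url in URL_RE.findall(body):
        try:
            host = urlsplit(url).hostname
        except ValueError:
            continue  # malformed URL; a real filter would log it
        if not host:
            continue
        verdict, brand = classify_host(host)
        if verdict not in ("trusted", "unrelated"):
            findings.append((host, verdict, brand))
    return findings


# Constructed sample message; the .example hosts are placeholders.
SAMPLE_EMAIL = """\
Subject: Claim your free $50-per-month shoe subscription
Official store: https://www.adidas.com/us
Claim here: http://www.ad|das.example/claim
Mirror: http://adldas.example/claim
Accented: http://ad\u00eddas.example/claim
Unrelated: https://news.example.org/world-cup
"""

if __name__ == "__main__":
    for host, verdict, brand in scan_email(SAMPLE_EMAIL):
        print(f"{verdict:28} {host} (imitates {brand})")
```

Folding is deliberately aggressive, so an unrelated name that happens to share a brand's shape will also be flagged; treat a hit as a reason to quarantine or review, not as proof of malice.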

Protecting Your Network 

JDL Group can help you put in place the right cyber security measures for you and your organization. If you want to learn more about protecting yourself and your employees from phishing campaigns check out our free anti-phishing toolkit.  

References: 

https://www.infosecurity-magazine.com/news/phishing-campaigns-target-sports/ 


FBI Issues Malware Public Service Announcement, Learn How to Protect Your Data

The FBI recently issued a public service announcement stating that all owners of small office / home office (SOHO) routers should immediately reboot their devices. Why? The FBI believes that hundreds of thousands of routers worldwide have been infected with a form of malware called “VPN Filter”.  

Luckily, all that is necessary to turn off the malware is a simple reboot and reset to default factory settings. Rebooting the devices will also help the FBI determine which devices were infected in the first place. Don’t assume that a malware infection can’t happen to you. Reboot your router today.

What is VPN Filter? 

According to the FBI, VPN Filter is a form of malware targeting small home or office routers. This form of malware can collect private and personal information, exploit devices, and block network traffic.  

In the FBI’s own words, the size and scope of VPN Filter’s impact is “significant”, and it does not discriminate based on manufacturing company or location. The malware’s use of encryption and hidden networks makes its activity especially hard to track and analyze. 

How to Protect Yourself and Your Data 

The FBI is recommending that anyone (yes, that means you) who owns a small home or business router immediately reboot their devices. This will disrupt the malware, at least temporarily, and help the FBI identify infected devices. 

Unfortunately, if the malware is still in its early stages on your device, a reboot may not be enough to completely delete it. That is why we are advising users to reboot and reset their routers to default, factory settings.  

How to Reset Your Router to Factory Settings 

Resetting a small router back to default, factory settings can usually be achieved easily by pressing down on a small button in the rear of the router. While you will have to re-organize your configuration settings, this should be all you need to do to wipe the malware from your device. 

How Else Can I Protect My Data? 

While rebooting and resetting your router is an adequate strategy for this form of malware, there are countless other malicious cyber-attacks and data breaches just waiting to strike. It is important to be prepared and take the necessary steps to protect yourself, your devices, and most importantly your personal and private information. 

Make sure you are always changing your passwords every 90 days and using at least 6 characters and a mix of different numbers and symbols.  

Try and avoid using public wi-fi, but if you must, never input sensitive passwords or information. 

Finally, you should always enable two-factor authentication (2FA) for all your accounts. This way, even if your password is compromised, bad actors will not be able to access your accounts. 2FA is an essential wall of security that everyone should be using in 2018.

We Can Help 

Keeping up with the ever-evolving world of cyber security can be a challenge. JDL Group can help you and your business deal with all these new threats. As an MSSP, we are equipped to help you prepare for any cyberattack or malicious software. Contact us today. 

 References:

https://www.ic3.gov/media/2018/180525.aspx 


Less Than Half of Ransomware Victims Recover Their Data After Paying the Ransom Demand

A ransomware attack can happen quickly and paralyze a business or company within minutes. Most of the time, these attacks are followed by a ransom note or list of demands from hackers. Many ransomware victims will feel that they must pay the ransom to regain access to their data, but new data shows that may not be the best strategy. 

Unfortunately, a survey released this month by the research firm CyberEdge has found that paying cybercriminals during a ransomware attack hardly guarantees that you will recover your files. 

A Survey of IT Security Practitioners  

A survey released last month polled close to 1,200 IT security practitioners across 17 countries. It revealed that less than half of ransomware victims in 2017 who paid the ransom recovered their files and data. 

The survey concluded that timely and routine backups are the best way to ensure you will recover your files in the event of a ransomware attack since backups enable an easy recovery. 

The Results of the Ransomware Survey 

Statistically, the survey reports that of the 55% of respondents who experienced a ransomware attack in 2017, 38.7% opted to pay the ransom. Only 19.1% of those who paid the ransom, or less than half, were able to recover their data using tools provided by the hackers. 

The ransomware authors either didn’t provide any decryption instructions after payment or provided tools that did not decrypt as promised.

On the bright side, 53.3% of those who were attacked with ransomware and didn’t pay the ransom were able to recover their data using either backups or decryption applications. 

Overall, the survey concluded that 27.6%, or over a quarter, of ransomware victims lost their data in 2017, regardless of whether they paid the ransom.

How to Prepare for a Ransomware Attack 

Implementing the proper defenses before a ransomware attack occurs can make all the difference and ensure that you don’t lose crucial files or information. JDL Group recommends a comprehensive, continuous data backup plan that will regularly test your backups and store your information in a secure location online.  

As the results of the survey show, if you or your company’s files are encrypted by a ransomware attack, there is a good chance paying the ransom won’t get your files back. It is vital in today’s landscape to install the proper defenses against ransomware so that it never has a chance to encrypt your data. 

Decryption software also appears to be a solid option. Statistically, it proved to be more successful in retrieving victims’ data than paying the ransom’s demands. 

Protecting Your Data from Ransomware 

Preparing for a ransomware attack and strengthening your network defenses may seem like a difficult task now, but JDL Group can make the entire process simple, quick, and efficient.  

We will provide you with the right tools and strategies to recover your data in the event of a ransomware attack, and more importantly, we will work to ensure that a ransomware attack doesn’t happen to you in the first place. Contact us today and start the process.  

References:
https://www.bleepingcomputer.com/news/security/only-half-of-those-who-paid-a-ransomware-were-able-to-recover-their-data/
https://www.cyber.nj.gov/cyber-at-a-glance/20180316
https://www.which.co.uk/news/2018/03/less-than-half-of-ransomware-victims-get-their-files-back/

 


Insider Threats – Your Organization’s Top Security Risk


An insider threat is just what it sounds like. Any time an organization’s security is threatened from an employee or third party within, data and profitability are at risk. Vulnerability management helps analyze risk. Threats can be malicious when insiders intentionally cause leaks and data breaches to seek revenge or obtain money. Occasionally, hackers from a competing or opposing organization gain employment or act as a supplier for the purpose of carrying out an insider attack.

Often threats occur because employees accidentally delete important data, participate in a phishing effort or thoughtlessly share more data than they should with an outside source. Employees might accidentally send data that should be kept secure to the wrong email address or share files they don’t realize contain confidential information.

Dangers of Insider Threats

Insider threats are some of the most expensive and pervasive security risks facing businesses of all sizes. Consider the following statistics:

  • More than half of companies that experienced an insider attack said they spent at least $100,000 to fix the breach.
  • For 12 percent of the organizations attacked, remediation costs were in excess of $1 million.
  • Seventy-four percent of companies surveyed in the 2017 Insider Threat Report said they felt vulnerable to insider threats.

Some industries are attacked more often than others. Medical facilities spend large sums preventing health care data breaches and law firms focus on legal security and compliance because of the high cost associated with remediating compromised data.

Insider threats are devastating because they often go undetected, sometimes for years. When employees must regularly access sensitive information and systems, it’s hard to tell if they’re just doing their job or providing information to unauthorized parties. The longer it takes for an organization to notice a breach, the more data is unsecure.

Malicious behavior is even harder to prove. Well-trained hackers know how to cover their tracks, and innocent employees may not even know what they did wrong. In both cases, it can be impossible to prove guilt or isolate who is responsible.

Most Common Causes and How to Prevent Them

While anyone who has access to data can be an insider threat, organizations should focus most on these groups:

  • Users with high levels of clearance. Administrators, department heads and IT specialists typically have the highest access to sensitive data. Even the most trustworthy and committed staff can make errors that create a breach. Provide a clear understanding of system connection protocols even for leadership. Specify safe activities and what behaviors create risk.
  • Outside parties with access. Employees who work outside of your facility, suppliers and subcontractors often receive permission to access data to do their job, but they can pose a threat to data security. Protect users from accidentally causing a problem with network segregation. Experts can set systems to check for unauthorized activity, partition suspicious files off from the network and prevent third parties from accessing files they shouldn’t.
  • Disgruntled or previous employees. When you ask an employee to leave, make sure they don’t take data with them. USB drives, smartphones, and email transfers are simple ways to move data off premises. Know which data are sensitive and what employees can access before their termination. Make a practice of giving people the least amount of access they need to minimize the risk, and review user activity to check for misuse. Disable access immediately upon resignation or termination.

Contact Us

JDL Group can help you implement the right strategy to protect your organization from insider threats. Contact us today.

Additional Resources:
https://www.scmagazineuk.com/the-insider-threat-the-biggest-threat-in-banking-cyber-security/article/654525/
https://blog.netwrix.com/2017/12/07/7-tips-to-avoid-data-theft-by-ex-employees/
https://www.welivesecurity.com/2017/05/26/3-types-employees-cause-data-breach/
https://www.tripwire.com/state-of-security/security-data-protection/insider-threats-main-security-threat-2017/

 


Battling Ransomware: 3 Tips for Health Care Organizations


Ransomware poses a very real threat to every health care organization in America. In the health care industry, 85% of organizations have experienced a ransomware attack, and that number continues to climb as criminals recognize the unique vulnerabilities in the health care industry. Motivated by patient safety, the potential damage to the reputation of their organizations, and the major financial impact of a ransomware attack, health care organizations are likely to pay quickly if compromised. There are things your organization can do to prepare itself for success in the battle.

1. Training Is Vital

Viral attacks almost always require someone to open the gates to allow entrance. Malicious email and sketchy websites lure the unsuspecting worker in your organization to allow entrance into your network. The most vulnerable link in your network is ultimately the end user. The fact is that you must provide training to your employees to help them spot threats – either to prepare them beforehand, or to respond to an attack afterwards.

Providing ongoing critical training in spotting and avoiding malware threats is the single most efficient way of protecting your organization. This training will not only guard you against ransomware but other kinds of malware as well. Threats from cyberattacks change constantly, so it is crucial to make training on recognizing current threat vectors a regular part of your organization’s culture.

2. Reassess Your Backup

Your network backup may well have been designed to protect you from outages, equipment failures, or natural disasters. Conduct a thorough audit of your backup systems for their ability to protect you from malicious threats as well. Ransomware often seeks out and compromises backup systems before making its presence known. Without regular backups to systems disconnected from your network, you may be vulnerable to an attack that compromises your entire system. Take steps to analyze your current backup and make changes as needed.

3. Make Updates a Priority

As new attacks occur, software makers update software against exploited security vulnerabilities. Criminal hackers depend on the fact that your organization has failed to take the time to update your system to protect against that vulnerability. Finding new vulnerabilities and exploits is time-consuming and expensive for hackers. Make their work less rewarding by cutting off the easy routes into your network.

Update antivirus and malware protection on a constant basis. These programs are the fastest at updating protection against the latest threats. Operating system and browser updates should also happen as soon as possible when a patch is released. Internet content filters help avoid the latest malware infected websites. And don’t forget updates for health care-specific technologies. These may not update as frequently, but when they do, it is vital to implement the new patch as soon as possible.

4. Vigilance is the Price of Safety

Updating systems, training employees, and protecting your backups are effective for reducing your risk of infection. These measures take time, create short term inconveniences, and require organization and vigilance on your part. Acting now won’t guarantee you are invulnerable to attack, but is the right thing to do to safeguard your patients.

Contact Us

Don’t let your health care organization go unprotected another day. Contact us today.

Additional Resources:
https://news.brown.edu/articles/2017/09/ransomware
https://www.csoonline.com/article/3091080/security/the-rise-of-ransomware-in-healthcare.html#slide6

 


Protecting Patient Information from Ransomware

The health care industry was the target in 88% of all ransomware attacks on US industries in 2016. The perpetrators of these malicious attacks have realized that the health care industry is particularly vulnerable to cyberattacks and has a major incentive to pay the ransom quickly. Patient safety, the organization’s reputation, and the risk of potential fines all motivate victims in a health care organization to pay the ransom and restore service. However, recognizing the risk and taking steps to protect your network are about much more than money.

Seeing the Big Picture

Health care information was the most breached in 2016, with stolen medical records being worth more than 10 times a stolen credit card. There is an average of one new health care breach per day, with thousands of patient files compromised with each breach.

Hackers have recognized that an even faster and more lucrative way of turning their crime into cash is by employing ransomware. In a ransomware attack, the criminal does not need to find a buyer for the stolen data; they demand a “ransom” directly from the health care organization. Due to the pressures on health care providers, that payment often comes very quickly. In fact, ransomware attacks now comprise 72% of all malware attacks in the health care industry.

It’s not a matter of if your organization will face an attack, but when, and how you’ll prepare beforehand or respond afterwards.

Prepare for Attack

The most effective step your organization can take is to provide training to all employees on the risks and responsibilities of protecting patient health information. You provide fire drills, training for emergency situations, and regular employee training in other areas, so make protecting your patients’ information a priority in training. Cyberthreats change rapidly, so make your employees aware of the dangers by providing the training they need to spot and avoid threats.

Reassess your backup system. Ransomware often seeks out and compromises backup systems before announcing itself. Regular rotations of backup systems that are then completely disconnected from the network are a minimum best practice.

Update your software with the latest patches, and make sure your antivirus solutions update continually to contend with the latest threats. Systems unique to the health care industry can be particularly vulnerable and require immediate patching whenever an update is available.

Recognize that all these steps require time and money to implement. In a health care organization, every line of the budget is crucial. The potential for fines if Health Insurance Portability and Accountability Act-compliant solutions are not in place should compel you to find the means to ensure your safety. Making the threat clear will help prioritize the time and effort for training and updates to take place.

Why Act Now

Patient safety is at stake in a ransomware attack. The reputation of your organization will suffer if you succumb to an attack. While no current system can completely guarantee that you are invulnerable to attack, the duty to safeguard your networks should be imperative in your organization. Act with urgency now to avoid an emergency later.

Contact Us

JDL Group can help you protect your patient information from ransomware. Contact us today.

Additional Resources:
https://www.healthcaredive.com/news/must-know-healthcare-cybersecurity-statistics/435983/
http://www.healthcareitnews.com/news/ransomware-accounted-72-healthcare-malware-attacks-2016

 


How to Reduce Your Law Firm’s Cyber Risk


Experts agree that cybersecurity threats present significant risks to businesses, including law firms. Clients place a great deal of trust in law firms, which have a clear duty to protect their clients’ sensitive information. While bigger targets exist, hackers have begun targeting law firms because they found them to be the weakest link.

Law firms usually have relatively weak or non-existent cyber-defense systems or protocols in place. Fortunately, mitigating risks from data breaches or ransomware requires a small number of relatively simple measures. Here are some cybersecurity best practices any law firm can put in place.

1. Use Multi-Factor Authentication

Also known as two-factor authentication, this simple procedure makes use of a user password and something else the user has (e.g., token, app, device, etc.) to generate a second temporary password or code to log in to an information system. It may seem cumbersome to require a password plus a second step, but it is the easiest procedure a law firm can implement to significantly improve security.

2. Never Share Logins or Passwords

Password sharing remains a common practice, even in businesses. Employees do this all the time, often just to give a coworker access to a program or to simplify login procedures from a remote location. In some cases, passwords can be found on notes sitting on employee desks or sticking to monitors.

Reusing accounts presents a similar risk. In this instance, employees continue to use the account of a departed employee to maintain access to a specific profile or to data that profile can access.

Law firms should eliminate password and login sharing, requiring their IT department to create new logins for incoming employees and delete old accounts.

3. Choose Better Passwords

Passwords constitute the first, and sometimes only, line of defense against cyber-attacks. Hackers today use improved technology to crack passwords, ending the days when an employee could use the same simple password forever.

Law firms should require passwords that are longer, use more diverse characters, and are changed regularly. A good password consists of at least eight characters, uses a mix of letters, numbers, and special characters, and limits repeated characters (e.g., BB).

Each system should have a unique password, and law firm employees should be encouraged to vary passwords on the different websites they access. Another good practice is to use an extremely complicated password for email accounts, which are needed to reset passwords. Password managers also exist to help manage many different accounts.

4. Update Systems

Installing updates, while often frustrating, protects an operating system from vulnerabilities. Upgrading the operating system to the current version (e.g., Windows 10 or Sierra) provides extra protection.

5. Encryption

Encryption uses a formula to make data unreadable without a key. As long as the key is secure, the data remains safe. Several services exist that provide encryption, and the latest computers have encryption that simply needs to be enabled.

These steps are relatively easy to set up, but they transform a firm’s cybersecurity. Law firms face risks like every other business. By enacting industry best practices, a law firm reduces the dangers of an attack and gives its clients the security they expect.

Contact Us

JDL Group can help your law firm adopt the right cyber security strategy. Contact us today.

Additional Resources:
http://www.onelegal.com/blog/5-steps-to-getting-serious-about-law-firm-cyber-security/
http://www.lawtechnologytoday.org/2017/02/tips-for-risk-mitigation/
http://www.lawtechnologytoday.org/2017/01/why-remote-security-is-a-must/
https://blog.lexicata.com/how-to-improve-data-security-at-your-law-firm/
