Defining the Eight Most Nefarious Cyber Threats.

Here’s what every business professional should be informed about:

1. Data breaches

A data breach is a security incident in which protected or confidential data is copied, distributed, read, stolen, or used by unauthorized individuals, and it can become a serious problem for the victims involved. The majority of data breaches happen due to vulnerable unstructured data such as files, documents, and sensitive information. A bad security process, or lack thereof, can leave businesses exposed.

The data can be any kind of information, including health information, financial information, personally identifiable information, trade secrets, and intellectual property. The risk of data breach is not exclusive to cloud computing, but it invariably ranks as a top concern for cloud customers.

2. Bots

There are many different kinds of bots. These include website crawlers, spam bots, chat room bots, and other dangerous bots. They run as automated programs on the Internet. It’s estimated that one in three visits to any website is a malicious bot. It may have been designed to search your interface for security flaws.

The bots perform many tasks, such as stealing user credit card information and spreading malware links. Online cybercriminals use viruses to breach the security of computers. They can take over your computer and combine all of the compromised machines into a network of ‘bots’ that can be remotely managed.

3. Insufficient identity, credential, and access management

Data breaches, and the attacks that enable them, can happen because of a lack of scalable identity access management systems, failure to use proper authentication, weak passwords, and not updating passwords and certificates.
Credentials and cryptographic keys must not be embedded in source code or distributed via public-facing storage like GitHub. There is a high incidence of problems that may occur. Keys need to be appropriately secured, and a well-secured public key infrastructure (PKI) is needed to ensure key-management activities are carried out.
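
One way to enforce the rule that credentials and keys stay out of source code is to scan files before they are committed or published. The following Python scanner is an added example, not part of the original article; the rule names, the placeholder list, and the sample files are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter, namedtuple

Finding = namedtuple("Finding", "path line rule preview entropy")

# Token formats that are recognisable on their own: a PEM private-key header
# and the documented prefix/length of an AWS access key ID.
TOKEN_RULES = [
    ("private-key-block",
     re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH |ENCRYPTED )?PRIVATE KEY-----")),
    ("aws-access-key-id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
]

# A quoted literal of 8+ characters assigned to a credential-like name.
ASSIGNMENT = re.compile(
    r"\b([A-Za-z0-9_]*(?:password|passwd|secret|token|api_?key)[A-Za-z0-9_]*)"
    r"\s*[:=]\s*[\"']([^\"']{8,})[\"']",
    re.IGNORECASE,
)

# Values that are obviously templates, not real secrets (assumed list).
PLACEHOLDER = re.compile(
    r"^(?:changeme|example|placeholder|x+|\*+|<[^>]*>|\$\{[^}]*\})$",
    re.IGNORECASE,
)


def shannon_entropy(value):
    """Bits per character; reported so reviewers can triage findings."""
    counts = Counter(value)
    total = len(value)
    return -sum(n / total * math.log2(n / total) for n in counts.values())


def redact(value):
    """Keep four characters for identification, mask the rest in reports."""
    return value[:4] + "*" * (len(value) - 4)


def scan_text(path, text):
    """Return a Finding for every suspected secret in one file's text."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in TOKEN_RULES:
            match = pattern.search(line)
            if match:
                token = match.group(0)
                findings.append(Finding(path, line_no, rule, redact(token),
                                        round(shannon_entropy(token), 2)))
        match = ASSIGNMENT.search(line)
        if match and not PLACEHOLDER.match(match.group(2)):
            value = match.group(2)
            findings.append(Finding(path, line_no, "hardcoded-credential",
                                    redact(value),
                                    round(shannon_entropy(value), 2)))
    return findings


def scan_repo(files):
    """files maps path -> text; results are ordered by path, then line."""
    findings = []
    for path in sorted(files):
        findings.extend(scan_text(path, files[path]))
    return findings


# Constructed sample input. The access key ID is the example value used in
# AWS documentation; the password and key header are made up for this demo.
SAMPLE_FILES = {
    "app/settings.py": (
        "import os\n"
        'DB_PASSWORD = "Tr0ub4dor&3-constructed"\n'
        'API_KEY = os.environ["API_KEY"]\n'
        'SMTP_PASSWORD = "changeme"\n'
    ),
    "deploy/upload.sh": "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n",
    "certs/server.key": "-----BEGIN RSA PRIVATE KEY-----\n(constructed, body omitted)\n",
}

if __name__ == "__main__":
    for f in scan_repo(SAMPLE_FILES):
        print(f"{f.path}:{f.line}: {f.rule} {f.preview} (entropy {f.entropy})")
```

Values read from the environment and template placeholders are not reported, so the scanner can run as a commit gate without flagging the corrected form of the code.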

4. Unsafe interfaces & application programming interfaces (APIs)

APIs are a system of tools and resources in an operating system, enabling developers to create software applications. Cloud providers expose a set of software user interfaces (UIs) or APIs that customers use to manage and interact with cloud services. Provisioning, management, and monitoring are all performed with these interfaces, and the security and availability of general cloud services depend on the security of APIs, CSA says. They need to be designed to protect against accidental and malicious attempts to circumvent policy.

5. System vulnerabilities

This cyber-security term refers to an inadequacy in a system that can leave it open to attack. Vulnerability may also refer to any type of weakness in a computer system itself, in a process, or in anything that leaves your security exposed to a threat. This may attract attackers who will steal data by taking control of the system or destroying service operations. With the advent of multi-tenancy in the cloud, systems from various organizations are placed close to each other and given access to shared memory and resources, creating a new attack surface.

6. Account hijacking

Account hijacking is a process in which an individual’s or organization’s account is stolen or hijacked by an attacker. Cloud account hijacking is a common strategy in identity theft. The assailant uses the stolen account information to engage in malevolent and/or unauthorized activity.

They can eavesdrop on activities and transactions, mess with your data, return misleading information and redirect clients to illegitimate sites. With your stolen data, attackers can often access key areas of cloud computing services. This enables them to compromise the privacy, integrity, and availability of those services.

7. Bogus Social Media

Bogus social media pages and accounts are created to mirror actual people or businesses. The idea is to target your network, including your employees and their devices. The goal is to get to your private information through the sharing of disruptive malware links. These appear harmless, like links to coupons, photos, or websites that may pique your curiosity and encourage you to click.

There are also many phishing scams, or fraudulent messages that lure people to divulge their private information via social media. Credit card numbers and passwords are particularly at risk, and when infiltrated can be detrimental to your important software, and more!

8. Denial of Service Attacks

In this instance the perpetrator wants to make a computer or network unavailable to its intended users. This is achieved by temporarily (or permanently) altering services of a host connected to the Internet.

Most websites are designed to accommodate a certain level of web traffic, much in the same way roads are created for a certain volume of vehicles at one time. With denial of service (DoS) attacks, cyber criminals flood your site with an extortionate amount of traffic. This in turn effectively slows everything down and may collapse the web page. DoS attacks are serious business. They make you lose valuable time and resources trying to resolve the issue.

Contact The JDL Group for pragmatic solutions to cyber threats.

 

Failing the Phish Test

Phish testing your employees is a vital part of any security awareness program. It seems logical that by exposing employees to phishing and helping them identify tactics, the chance of anyone in your organization being phished lessens. But does it?

When employees who failed phish tests are called out, made to feel poorly, or singled out in a group, the exact opposite can happen.

End users are the largest, most vulnerable target in most organizations. In real-world attacks, end users are relentlessly bombarded with spear-phishing and socially engineered schemes.

As the champion of your organization’s cyber security, it is imperative that you use these tests as teachable moments to educate and encourage your end users.

Use Failure as a Teachable Moment.

Look at the failure of phish testing in a different light: you’ve identified a weakness in your security that can now be remedied.

Effective Phish Testing Checklist

Every phish test should follow some basic tenets in order to educate users:

  1. The links in a phish test campaign should go directly to a site with immediate education.
  2. Do not call out or embarrass users who fail the test.  Public shaming results in decreased threat reporting.
  3. Do not tie user responses to employee evaluation testing.  Doing so can create resentment towards security, which is not good for the organization.
  4. Offer encouragement and education by directing users to additional training.  This can be optional or required depending on how many times the user has failed.
  5. Provide additional written materials such as articles and information from other sources.
  6. Reward people who report incidents.  This can be as simple as kudos in the company newsletter or even prizes and contests.  Make sure that your organization’s culture gives positive support to employees who report incidents.

Protecting Your Network 

JDL Group can help you put in place the right cyber security measures for you and your organization. If you want to learn more about protecting yourself and your employees from phishing campaigns check out our free anti-phishing toolkit.  

References: 

https://www.infosecurity-magazine.com/next-gen-infosec/reward-flag-phish-highlight-failed/

https://www.sophos.com/en-us/products/phish-threat.aspx

 

After Spectre and Meltdown, Google and Microsoft Disclose Another CPU Flaw 

The discovery of the Spectre and Meltdown vulnerabilities earlier this year was major news throughout the tech industry. These processor vulnerabilities potentially exposed the data of hundreds of millions of popular devices including servers, tablets, and smartphones. 

Spectre and Meltdown left the door wide open for hackers to manipulate a CPU data processing efficiency technique to gain access to sensitive information. Companies like Apple and Microsoft have worked to develop patches and updates to fix these vulnerabilities, but some have resulted in slower CPU performance. 

Now, a new vulnerability has emerged that is similar to Spectre and Meltdown. Microsoft and Google’s Project Zero have just announced the discovery of a flaw called Speculative Store Bypass (Variant 4).

Speculative Store Bypass 

The vulnerability is called Variant 4 because Spectre and Meltdown make up Variants 1-3. Bad actors can potentially use Variant 4 to access data that is supposed to be locked on Intel, ARM, and AMD processors. This process, called ‘Speculative Store Bypass’, manipulates processors into loading private data into insecure files.  

US-CERT’s advisory mentioned that hackers could access older CPU memory values using Variant 4, and experts also believe it could expose certain web browsing components, such as JavaScript ad modules.

Is Variant 4 a Major Vulnerability? 

Microsoft has classified Variant 4 as a low-level risk, while Intel and Google have classified it as a medium risk. Intel also says there is no current evidence that this vulnerability has been used by hackers, yet. 

Many patches and updates for the Spectre and Meltdown vulnerabilities already include safeguards against Speculative Store Bypass, but Intel says it will be releasing a comprehensive fix for Variant 4 within the next few weeks. In fact, the update is already available for manufacturers and software vendors. 
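
On Linux, a kernel that carries the Variant 4 update reports its mitigation state in the sysfs file `/sys/devices/system/cpu/vulnerabilities/spec_store_bypass`. The following Python script is an added example, not part of the original article: it classifies that status line for the local machine and for a constructed inventory of hosts; the host names and the state labels are assumptions.

```python
from pathlib import Path

# Status file exposed by Linux kernels that include the Variant 4 update.
SSB_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/spec_store_bypass")


def classify_ssb(status):
    """Map the kernel's status line to (state, explanation).

    status is the file content, or None when the file could not be read.
    The state labels are this example's own, not kernel terminology.
    """
    if status is None:
        return ("unknown",
                "status file missing: kernel too old to report, or not Linux")
    text = status.strip()
    if text == "Not affected":
        return ("not_affected", "CPU is not subject to Speculative Store Bypass")
    if text.startswith("Vulnerable"):
        return ("vulnerable", "no mitigation active; update kernel and microcode")
    if text.startswith("Mitigation:"):
        detail = text[len("Mitigation:"):].strip()
        if "prctl" in detail:
            # Protection is applied per process: only programs that request
            # it (or are sandboxed with seccomp, when listed) are covered.
            return ("opt_in", detail)
        return ("mitigated", detail)
    return ("unknown", "unrecognised status: " + text)


def read_local_status(path=SSB_SYSFS):
    """Return the local status line, or None if it is not available."""
    try:
        return path.read_text()
    except OSError:
        return None


def audit_fleet(reports):
    """Group hosts by state. reports maps host -> status line or None."""
    grouped = {}
    for host in sorted(reports):
        state, _ = classify_ssb(reports[host])
        grouped.setdefault(state, []).append(host)
    return grouped


def needs_attention(reports):
    """Hosts with no mitigation, or whose state cannot be determined."""
    grouped = audit_fleet(reports)
    return sorted(grouped.get("vulnerable", []) + grouped.get("unknown", []))


# Constructed inventory: status lines as they would be collected from hosts.
CONSTRUCTED_REPORTS = {
    "web-01": "Mitigation: Speculative Store Bypass disabled via prctl and seccomp\n",
    "db-01": "Vulnerable\n",
    "build-01": "Mitigation: Speculative Store Bypass disabled\n",
    "legacy-01": None,  # kernel without the status file
    "arm-01": "Not affected\n",
}

if __name__ == "__main__":
    state, detail = classify_ssb(read_local_status())
    print(f"local machine: {state} ({detail})")
    for state, hosts in audit_fleet(CONSTRUCTED_REPORTS).items():
        print(f"{state}: {', '.join(hosts)}")
    print("needs attention:", ", ".join(needs_attention(CONSTRUCTED_REPORTS)))
```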

Protecting Your Data Moving Forward 

Companies will be rolling out Variant 4 patches and fixes over the next few weeks and months, but another CPU flaw will undoubtedly emerge at some point. Researchers had been expecting additional vulnerabilities to appear ever since Spectre and Meltdown, and Variant 4 is likely only the first. 

JDL Group can set up the right IT and security systems to properly defend your CPUs and network against vulnerabilities like Variant 4. JDL Group can also make sure your processors are always updated with the latest patches and fixes. Contact us today. 

References: 

https://www.wired.com/story/speculative-store-bypass-spectre-meltdown-vulnerability/ 

https://www.cnet.com/news/intel-microsoft-reveal-new-variant-on-spectre-meltdown-chip-security-flaws/ 

 

Public Schools Are Being Attacked by Hackers More Than Ever

Cyber security has become a major problem for public schools over the past few years, but 2018 is bringing an unprecedented amount of cyber-attacks on schools all over the United States. Reports of different school districts falling victim to phishing and ransomware attacks are popping up all over the country. Let’s look at some recent attacks, as well as how one state is responding to this major threat. 

Roseburg Public Schools Fall Victim to Ransomware 

On the morning of Monday, May 7, Roseburg public schools in Oregon experienced a ransomware attack that blocked access to the district’s website and email. The district’s superintendent said at the time that IT personnel were working to restore encrypted files, and that it doesn’t appear that any personal information has been stolen or compromised.  

Unfortunately, days later the school district’s website still appears to be down. The school district says it will not release any further information about the hacker’s demands due to an ongoing police investigation.  

Hackers Gain Access to Fredericksburg School District’s Systems Using Phishing Emails  

Hackers created a fake email impersonating a regional organization to gain access to Fredericksburg school district’s electronic mail and filing systems last month. The Virginia school district detected the breach the next day, but not before hackers were able to access 14 employee emails and 1 employee’s files. 

The local superintendent sent out a letter warning parents that hackers may have had access to both student and parent information including full names, addresses, phone numbers, and insurance information. 

The malicious email appeared to be sent from a group that regularly sends info to local schools. A school employee reportedly thought it appeared suspicious, but clicked on it anyway. After this initial breach, hackers were able to send phishing emails to more employees.

Indiana Launches New Cybersecurity Initiative for Schools 

The Indiana Department of Education just announced a new initiative to boost cyber protection education and funding in public schools. Indiana wants to make sure its schools’ faculty and students are prepared for cyber-attacks. Schools will even be able to apply for grants of up to $25,000 for cybersecurity funding.

Indiana is also putting together a task-force to help teachers and staff become more familiar with cyber security and common threats. Some Indiana schools will be testing cybersecurity high school courses. 

Every School Needs to be Prepared 

Cybersecurity for public schools is no longer optional. Hackers view schools as easy targets due to large numbers of online users and large amounts of sensitive data. JDL Group can help your school or district make sure it is prepared for anything with the latest in endpoint protection. Contact us today for a security assessment.

References: 

https://indianapublicmedia.org/news/state-kicks-school-cybersecurity-initiative-146830/ 
http://www.fredericksburg.com/news/local/fredericksburg/hackers-break-into-fredericksburg-school-system-s-emails-file-system/article_d2b4e537-83ae-5160-8d6c-bbccf705e75a.html 
https://www.nrtoday.com/news/public_safety/roseburg-public-schools-computer-system-hacked/article_22c805d9-7f4a-5646-a832-b9711b23be32.html 

 

A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

A new group of hackers attacking the healthcare industry in the United States, Europe, and Asia has been discovered, according to the security firm Symantec. This new group, named “Orangeworm” by Symantec, is using custom malware called “Kwampirs” to infect and compromise healthcare networks and equipment.

Which Devices are Being Targeted by Orangeworm?

This new custom malware has been detected inside the operating systems of medical imaging devices such as X-Ray & MRI machines, and devices used for digital patient consent forms.

The “Kwampirs” form of malware is designed to stay active for long periods of time in the equipment, which indicates that Orangeworm is interested in learning how these devices operate.

Trade Secrets Over Patient Data

Symantec believes that Orangeworm is not after sensitive patient data or interested in demanding a ransom from medical organizations. Instead, it appears that Orangeworm is carrying out some type of corporate espionage across the healthcare industry to attain trade secrets. Symantec has found traces of Orangeworm’s custom malware within the systems of pharmaceutical companies, healthcare IT firms, and medical equipment manufacturers.

It does not appear that these hackers are linked to any one government or nation, and right now there is no way to track the group’s origins.

How Does Kwampirs Malware Operate?

Surprisingly, Symantec reports that Orangeworm hasn’t discovered a new vulnerability or flaw in medical software. Instead, the hackers have mixed “social engineering” with previously known vulnerabilities to access medical networks. Once inside a network, the malware will aggressively propagate itself over shared networks.

This is a fairly outdated strategy for malware, but it is still effective on the medical community because older systems like Windows XP are still predominantly used among healthcare providers and organizations.

Protecting Your Healthcare Organization

This is just the latest example of the healthcare industry being a prime target for hackers and malware. In 2017, there were over 300 reported data breaches in the healthcare industry, with an estimated cost of over $1 billion!

If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.

References

fastcompany.com
thehill.com
forbes.com

A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

A new group of hackers attacking the healthcare industry in the United States, Europe, and Asia have been discovered, according to the security firm Symantec. This new group, named “Orangeworm” by Symantec, are utilizing custom malware called “Kwampirs” to infect and compromise healthcare networks and equipment.

Which Devices are Being Targeted by Orangeworm?

This new custom malware has been detected inside the operating systems of medical imaging devices such as X-Ray & MRI machines, and devices used for digital patient consent forms.

The “Kwampirs” form of malware is designed to stay active for long periods of time in the equipment, which indicates that Orangeworm is interested in learning how these devices operate.

Trade Secrets Over Patient Data

Symantec believes that Orangeworm is not after sensitive patient data or interested in demanding a ransom from medical organizations, instead it appears that Orangeworm is carrying out some type of corporate espionage across the healthcare industry to attain trade secrets. Symantec has found traces of Orangeworm’s custom malware within the systems of pharmaceutical companies, healthcare IT firms, and medical equipment manufacturers.

It does not appear that these hackers are linked to any one government or nation, and right now there is no way to track the group’s origins.

How Does Kwampirs Malware Operate?

Surprisingly, Symantec reports that Orangeworm hasn’t discovered a new vulnerability or flaw in medical software. Instead, the hackers have mixed “social engineering” with previously known vulnerabilities to access medical networks. Once inside a network, the malware will aggressively propagate itself over shared networks.

This is a fairly outdated strategy for malware, but it is still effective on the medical community because older systems like Windows XP are still predominantly used among healthcare providers and organizations.

Protecting Your Healthcare Organization

This is just the latest example of the healthcare industry being a prime target for hackers and malware. In 2017, there were over 300 reported data breaches in the healthcare industry, with an estimated cost of over $1 billion!

If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.

References

fastcompany.com
thehill.com
forbes.com


Insider Threats – Your Organization’s Top Security Risk

An insider threat is just what it sounds like. Any time an organization’s security is threatened by an employee or third party on the inside, data and profitability are at risk. Vulnerability management helps analyze risk. Threats can be malicious when insiders intentionally cause leaks and data breaches to seek revenge or obtain money. Occasionally, hackers from a competing or opposing organization gain employment or act as a supplier for the purpose of carrying out an insider attack.

Often threats occur because employees accidentally delete important data, participate in a phishing effort or thoughtlessly share more data than they should with an outside source. Employees might accidentally send data that should be kept secure to the wrong email address or share files they don’t realize contain confidential information.

Dangers of Insider Threats

Insider threats are some of the most expensive and pervasive security risks facing businesses of all sizes. Consider the following statistics:

  • More than half of companies that experienced an insider attack said they spent at least $100,000 to fix the breach.
  • For 12 percent of the organizations attacked, remediation costs were in excess of $1 million.
  • Seventy-four percent of companies surveyed in the 2017 Insider Threat Report said they felt vulnerable to insider threats.

Some industries are attacked more often than others. Medical facilities spend large sums preventing health care data breaches and law firms focus on legal security and compliance because of the high cost associated with remediating compromised data.

Insider threats are devastating because they often go undetected, sometimes for years. When employees must regularly access sensitive information and systems, it’s hard to tell if they’re just doing their job or providing information to unauthorized parties. The longer it takes for an organization to notice a breach, the more data is left unsecured.

Malicious behavior is even harder to prove. Well-trained hackers know how to cover their tracks, and innocent employees may not even know what they did wrong. In both cases, it can be impossible to prove guilt or isolate who is responsible.

Most Common Causes and How to Prevent Them

While anyone who has access to data can be an insider threat, organizations should focus most on these groups:

  • Users with high levels of clearance. Administrators, department heads and IT specialists typically have the highest access to sensitive data. Even the most trustworthy and committed staff can make errors that create a breach. Provide a clear understanding of system connection protocols even for leadership. Specify safe activities and what behaviors create risk.
  • Outside parties with access. Employees who work outside of your facility, suppliers and subcontractors often receive permission to access data to do their job, but they can pose a threat to data security. Use network segregation to protect users from accidentally causing a problem. Experts can set systems to check for unauthorized activity, partition suspicious files off from the network and prevent third parties from accessing files they shouldn’t.
  • Disgruntled or previous employees. When you ask an employee to leave, make sure they don’t take data with them. USB drives, smartphones, and email transfers are simple ways to move data off premises. Know which data are sensitive and what employees can access before their termination. Make a practice of giving people the least amount of access they need to minimize the risk, and review user activity to check for misuse. Disable access immediately upon resignation or termination.

Contact Us

JDL Group can help you implement the right strategy to protect your organization from insider threats. Contact us today.

Additional Resources:
https://www.scmagazineuk.com/the-insider-threat-the-biggest-threat-in-banking-cyber-security/article/654525/
https://blog.netwrix.com/2017/12/07/7-tips-to-avoid-data-theft-by-ex-employees/
https://www.welivesecurity.com/2017/05/26/3-types-employees-cause-data-breach/
https://www.tripwire.com/state-of-security/security-data-protection/insider-threats-main-security-threat-2017/

 


Top 3 Causes of Data Breaches

One of the biggest security issues faced by organizations worldwide is the danger of a data breach. A recent technical report says as many as 90% of large corporations and 74% of small enterprises have experienced a security breach in the last five years. While professionals concentrate on preventing health care data breaches, host endpoint protection and vulnerability management, hackers still manage to steal data without authorization. Analyze some of the most common causes to reduce your organization’s risk.

1. Password Problems

Verizon’s Data Breach Investigations Report found 63% of investigated breaches involved weak, stolen or default passwords. Sometimes employees use predictable combinations for all their accounts, so once hackers figure out the code, they have access across systems. Other times they store passwords in an easily accessed location.

Hackers conduct phishing attacks in which they send out an email that looks authentic asking users to reset passwords. When they follow the link and enter current passwords for a reset, the hacker captures them for later use. Sometimes clicking the same link can enable malware installation. Often, organizations don’t discover data breaches until weeks after an attack.

2. Ransomware and Malware

Malware is any form of malicious software hackers can use to steal information. Trojans, spyware and worms all are viruses that users often install accidentally by clicking on a link or authorizing a download that seems legitimate.

Ransomware is a form of malware that infiltrates systems with a computer virus and makes data inaccessible until the user pays money for its release. Users allow infection when they click on a ransomware link. Often the link comes in an email that looks like it’s from a trusted source. Fake bank notices or utility bills prompt users to let the virus in, then ransomware encrypts files so they are inaccessible.

Hackers have used ransomware since 1989, but it has become increasingly sophisticated. Ransomware for law firms like the multinational firm DLA Piper can make a firm’s data inaccessible until they pay to regain access. Verizon recently reported ransomware is the fifth most common type of malware.

3. Human Error

While hackers and viruses cause extensive damage, much of it is only possible because of human error. Reuters reports that 73% of data breaches happen because of the people operating machines. People might cause accidental breaches because they don’t understand the risk. Organizations can protect themselves by implementing techniques like two-factor authentication, security risk training for staff, and security incident response programs.

Even more troubling than employees who provide accidental access are those who do it on purpose. Employees, vendors and contractors who have access to data can become a risk if they decide to use that access maliciously. Organizations can limit access to only essential personnel, or offer varying levels of access depending on each employee’s role. Conduct background checks before allowing new users access to make sure they don’t have a history of misusing data.

Contact Us

Concerned about your data? Contact JDL Group today.

Additional Resources:
https://www.pwc.co.uk/assets/pdf/2015-isbs-technical-report-blue-03.pdf
https://www.infoworld.com/article/3193028/security/annual-verizon-security-report-says-sloppiness-causes-most-data-breaches.html
http://www.verizonenterprise.com/resources/reports/rp_dbir-2016-executive-summary_xg_en.pdf
https://medium.com/@BlueBite/data-breaches-leading-causes-how-to-avoid-them-797e3d51b1b1

 


Battling Ransomware: 3 Tips for Health Care Organizations

Ransomware poses a very real threat to every health care organization in America. In the health care industry, 85% of organizations have experienced a ransomware attack, and that number continues to climb as criminals recognize the unique vulnerabilities in the health care industry. Motivated by patient safety, the potential damage to the reputation of their organizations, and the major financial impact of a ransomware attack, health care organizations are likely to pay quickly if compromised. There are things your organization can do to prepare itself for success in the battle.

1. Training Is Vital

Viral attacks almost always require someone to open the gates to allow entrance. Malicious email and sketchy websites lure the unsuspecting worker in your organization to allow entrance into your network. The most vulnerable link in your network is ultimately the end user. The fact is that you must provide training to your employees to help them spot threats – either to prepare them beforehand, or to respond to an attack afterwards.

Providing ongoing critical training in spotting and avoiding malware threats is the single most efficient way of protecting your organization. This training will not only guard you against ransomware but other kinds of malware as well. Threats from cyberattacks change constantly, so it is crucial to make training on recognizing current threat vectors a regular part of your organization’s culture.

2. Reassess Your Backup

Your network backup may well have been designed to protect you from outages, equipment failures, or natural disasters. Conduct a thorough audit of your backup systems for their ability to protect you from malicious threats as well. Ransomware often seeks out and compromises backup systems before making its presence known. Without regular backups to systems disconnected from your network, you may be vulnerable to an attack that compromises your entire system. Take steps to analyze your current backup and make changes as needed.

3. Make Updates a Priority

As new attacks occur, software makers update software against exploited security vulnerabilities. Criminal hackers depend on the fact that your organization has failed to take the time to update your system to protect against that vulnerability. Finding new vulnerabilities and exploits is time-consuming and expensive for hackers. Make their work less rewarding by cutting off the easy routes into your network.

Update antivirus and malware protection on a constant basis. These programs are the fastest at updating protection against the latest threats. Operating system and browser updates should also happen as soon as possible when a patch is released. Internet content filters help avoid the latest malware-infected websites. And don’t forget updates for health care-specific technologies. These may not update as frequently, but when they do, it is vital to implement the new patch as soon as possible.

4. Vigilance is the Price of Safety

Updating systems, training employees, and protecting your backups are effective for reducing your risk of infection. These measures take time, create short term inconveniences, and require organization and vigilance on your part. Acting now won’t guarantee you are invulnerable to attack, but is the right thing to do to safeguard your patients.

Contact Us

Don’t let your health care organization go unprotected another day. Contact us today.

Additional Resources:
https://news.brown.edu/articles/2017/09/ransomware
https://www.csoonline.com/article/3091080/security/the-rise-of-ransomware-in-healthcare.html#slide6

 


Protecting Patient Information from Ransomware

The health care industry was the target in 88% of all ransomware attacks on US industries in 2016. The perpetrators of these malicious attacks have realized that the health care industry is particularly vulnerable to cyberattacks and has a major incentive to pay the ransom quickly. Patient safety, the organization’s reputation, and the risk of potential fines all motivate victims in a health care organization to pay the ransom and restore service. However, recognizing the risk and taking steps to protect your network are about much more than money.

Seeing the Big Picture

Health care information was the most breached in 2016, with stolen medical records being worth more than 10 times a stolen credit card. There is an average of one new health care breach per day, with thousands of patient files compromised with each breach.

Hackers have recognized that an even faster and more lucrative way of turning their crime into cash is by employing ransomware. In a ransomware attack, the criminal does not need to find a buyer for the stolen data; they demand a “ransom” directly from the health care organization. Due to the pressures on health care providers, that payment often comes very quickly. In fact, ransomware attacks now comprise 72% of all malware attacks in the health care industry.

It’s not a matter of if your organization will face an attack, but when, and how you’ll prepare beforehand or respond afterwards.

Prepare for Attack

The most effective step your organization can take is to provide training to all employees on the risks and responsibilities of protecting patient health information. You provide fire drills, training for emergency situations, and regular employee training in other areas, so make protecting your patients’ information a priority in training. Cyberthreats change rapidly, so make your employees aware of the dangers by providing the training they need to spot and avoid threats.

Reassess your backup system. Ransomware often seeks out and compromises backup systems before announcing itself. Regular rotations of backup systems that are then completely disconnected from the network are a minimum best practice.

Update your software with the latest patches, and make sure your antivirus solutions update continually to contend with the latest threats. Systems unique to the health care industry can be particularly vulnerable and require immediate patching whenever an update is available.

Recognize that all these steps require time and money to implement. In a health care organization, every line of the budget is crucial. The potential for fines if Health Insurance Portability and Accountability Act-compliant solutions are not in place should compel you to find the means to ensure your safety. Making the threat clear will help prioritize the time and effort for training and updates to take place.

Why Act Now

Patient safety is at stake in a ransomware attack. The reputation of your organization will suffer if you succumb to an attack. While no current system can completely guarantee that you are invulnerable to attack, the duty to safeguard your networks should be imperative in your organization. Act with urgency now to avoid an emergency later.

Contact Us

JDL Group can help you protect your patient information from ransomware. Contact us today.

Additional Resources:
https://www.healthcaredive.com/news/must-know-healthcare-cybersecurity-statistics/435983/
http://www.healthcareitnews.com/news/ransomware-accounted-72-healthcare-malware-attacks-2016

 


How to Reduce Your Law Firm’s Cyber Risk

Experts agree that cybersecurity threats present significant risks to businesses, including law firms. Clients place a great deal of trust in law firms, which have a clear duty to protect their clients’ sensitive information. While bigger targets exist, hackers have begun targeting law firms because they found them to be the weakest link.

Law firms usually have relatively weak or non-existent cyber-defense systems or protocols in place. Fortunately, mitigating risks from data breaches or ransomware requires a small number of relatively simple measures. Here are some cybersecurity best practices any law firm can put in place.

1. Use Multi-Factor Authentication

Also known as two-factor authentication, this simple procedure makes use of a user password and something else the user has (e.g., token, app, device, etc.) to generate a second temporary password or code to log in to an information system. It may seem cumbersome to require a password plus a second step, but it is the easiest procedure a law firm can implement to significantly improve security.

2. Never Share Logins or Passwords

Password sharing remains a common practice, even in businesses. Employees do this all the time, often just to give a coworker access to a program or to simplify login procedures from a remote location. In some cases, passwords can be found on notes sitting on employee desks or stuck to monitors.

Reusing accounts presents a similar risk. In this instance, employees continue to use the account of a departed employee to maintain access to a specific profile or to data that profile can access.

Law firms should eliminate password and login sharing, requiring their IT department to create new logins for incoming employees and delete old accounts.

3. Choose Better Passwords

Passwords constitute the first, and sometimes only, line of defense against cyber-attacks. Hackers today use improved technology to crack passwords, ending the days when an employee could use the same simple password forever.

Law firms should require passwords that are longer, use more diverse characters, and are changed regularly. A good password consists of at least eight characters, uses a mix of letters, numbers, and special characters, and limits repeated characters (e.g., BB).

Each system should have a unique password, and law firm employees should be encouraged to vary passwords on different websites they access. Another good practice is to use an extremely complicated password for email accounts, which are needed to reset passwords. Password managers also exist to help manage many different accounts.

4. Update Systems

Installing updates, while often frustrating, protects an operating system from vulnerabilities. Upgrading the operating system to the current version (e.g., Windows 10 or Sierra) provides extra protection.

5. Encryption

This uses a formula to make data unreadable without a key. As long as the key is secure, the data remains safe. Several services exist that provide encryption, and the latest computers have encryption that simply needs to be enabled.

These steps are relatively easy to set up, but they transform a firm’s cybersecurity. Law firms face risks like every other business. By enacting industry best practices, a law firm reduces the dangers of an attack and gives its clients the security they expect.

Contact Us

JDL Group can help your law firm adopt the right cyber security strategy. Contact us today.

