3/4/2022
Should businesses be aware of increased cybersecurity attacks with the invasion of Ukraine?
The answer is overwhelmingly, YES. It is always important for businesses to be cautious, however right now with the increase in cyberattacks due to the invasion, the reality is that your business may not be a direct target, but become an indirect target.
In addition, much needed funds are simpler to acquire through ransom, hence the sanctions against Russia could increase the overall surge in cyberattacks.
To protect your business, here are some reminders to reduce risky behavior:
If you receive an email:
- Make sure you are expecting the email. If not, and it has any of the clues below, CALL the sender to ask if it was intentionally sent, don’t just reply to the email… if the “bad actor” has access to someone’s email, they can just reply to you and say it’s ok.
- Check the sender’s email address and look for any symbols, or odd spelling.
- As with all links in email and on the web, you need to be certain they go to a reputable site BEFORE you click on anything. Always hover over each link to see where it actually goes (in most cases the link will be displayed in the lower left of your screen). In this case each link should point to https://www.itworks.us.com if not, DON’T CLICK. An example of this is http://www.ups.com/track (hint, hover over this link to check it).
- Do not provide personal or confidential information via email, unless you confirm it is a legitimate source. Check the sender’s email and possibly confirm with the sender via phone.
- Do not click a link in an email, unless you know it is a legitimate source see above.
- If an email looks visually different from what you have become accustomed, or if it looks strange in nature, please do not click on it. Ask for help or confirm with the sender personally.
- Do Not open email from an email address you do not know until you have confirmed the source or validity of the email. Look carefully again, itworks.us.com and www.itworks.us.com are NOT the same thing. Mouse over the link (see above).
- ANY type of attachment (except one) CAN and DO contain viruses, ransomware, and malware.
- Bottom line is, if it “feels” weird, DON’T CLICK, reach out to your Managed Service Provider (MSP) and get a second pair of eyes on whatever it is.
Best practices around passwords:
Passwords can be seen as an inconvenience, and we all want to access everything quickly and easily. This is reasoning most allow sites to save our passwords, which is a massive security risk. We are trying to get so much done, so fast, and the fear of losing time because of a forgotten or changed password causes delays. But diligence with password security is crucial. These changes will help deter what could potentially be a major security breach.
To keep your passwords and access safe, please consider ALL these options. Together, they will provide the best protection against having your personal information stolen by bad actors and protect your system and workplace from getting hacked.
- Change passwords regularly
- Do not save passwords
- Do not use universal passwords.
- Use 2 factor authentication
- Make sure passwords are long (preferably more than 16 characters).
- Passwords should be complex (i.e. Numbers, UPPER/lower case letters, and symbols).
- Above all else, make sure they are unique.
This can’t be overstated… Passwords need to be unique, long, and complex. Long Passwords are harder to crack. See our Password Strength Test for guidance on best practices.
For more in depth information, please see our blog Do Not Click.
Best practices to avoid business IT malware infection:
- Prevention = Processes for reliable and repeatable Updates, Patches, Training, Back Ups and Disaster Recovery. These are the key factors in keeping your business safe from ransomware.
- Update software and apply Patches regularly. Ransomware often exploits older or unpatched software.
- Make sure your technology meeting minimum best practices, this is accomplished with regular checks to make certain things are the way they should be.
- Back Up your computers, servers, firewalls, switches, website, and anything else that the business relies on regularly to a safe place that hackers cannot access. In case of attack, this will better help your response (so make certain they work BEFORE you need them). It’s not a matter of IF, it’s WHEN. You need to be prepared.
- Respond quickly. The more time it takes to respond to an attack, the higher the recovery cost. Be prepared to execute a well thought out pre-planned Disaster Recovery Plan (DRP) in case of attack.
- Work proactively with your technology team. The other option is reactively, which means you are already down.
For more in depth information please see our blog Protect Your Business from Ransomware
In the event of a ransomware attack, a qualified proactive Technology Services Provider can help navigate business cybersecurity protection efforts and have the processes in place to identify a breach, enabling a response to be immediately implemented. Qualified proactive Technology Services Providers can be the difference between business doors opening again, the duration of downtime and recovery, and be a strategic partner in a pre-planned response strategy. This relationship could be the difference in how long a response will take and improve business chances of recovering. It is much better for small and medium sized businesses to have a trained partner in a ransomware situation, than to search for this partner while the attack is taking place. The longer a breach goes on, the more harm that’s being done, causing greater consequences (i.e. cost).
To help you evaluate your business risk, please take our five minute, high-level Cybersecurity Risk Assessment.
The best way is to avoid cybersecurity issues is to take the extra time and engage in safety protocols. The easier you access information, the easier time a bad actor will have accessing all your links and saved passwords. We all hope for a peaceful resolution to this situation, please be cautious and do not bypass safety policies for ease of use, they are in place for a reason.
Cybercriminals are going to steal from those who make it easy, be vigilant, PROTECT YOURSELF AND BUSINESS IT FROM SECURITY ISSUES.
If you would like to help the efforts in Ukraine, please see this link: Help Humanitarian Efforts in Ukraine (publicgood.com)
