Updates on Critical Website Vulnerability
We recently shared with you about a critical vulnerability located on most websites. We took down our client management site for a few hours as a precaution, but brought it back up after we ensured there was no vulnerability to our clients. All of our software and applications have been patched or confirmed to not be susceptible to the vulnerability. We have also confirmed that Check Point firewalls are also not vulnerable (click here for more technical details).
This is an evolving situation and if any additional critical information, we will be sure to update you.
Another Hire at IntegriCom
We are excited to announce new team member Ryan Moxley, who joined us in November. Ryan comes to us with over 17 years of IT experience, and he has a strong love for solving problems and helping people. We know that you will enjoy working with Ryan!
Think Your Business is Too Small to be Hacked? Think again.
As a managed IT services provider, it’s common for us to hear from business owners that they’re not really concerned about cybersecurity because they’re too small for hackers to target. But the truth is, any business can be a target for a cyberattack, regardless of their size or revenue.
In fact, nearly a third of data breaches in 2019 involved small businesses. Even the smallest of companies has customer, employee, and owner data that cybercriminals are eager to get their hands on. Unfortunately for these smaller businesses, the fallout from a data breach can be devastating.
If you think that your organization is flying under the radar due to size or revenue, here are a few reasons to reconsider your thinking.
1. Cybercriminals Don’t Care About Size
When it comes to cyberattacks, most hackers know that it’s not the size of the organization that matters, but the amount and types of data the business collects – and how vulnerable their networks are.
Oftentimes, cybercriminals utilize software programs that help them locate the most vulnerable organizations by scanning the internet for specific vulnerabilities, or sending out hundreds of phishing emails to see who falls for them. This means that attackers are not targeting specific companies, but rather just casting a large net and seeing what they catch.
Unfortunately, small businesses lack the resources, cybersecurity awareness, and often the motivation to secure their data, making them ripe for the picking.
2. Employee Cybersecurity Training is Lacking
If you assume you’re not at risk of a data breach, then it’s very likely your organization is not dedicating time or resources to cybersecurity awareness training. Attackers are well aware of this and use it to their advantage.
Why work harder to infiltrate a large organization with significant time and money devoted to cybersecurity training when attackers can more easily exploit untrained employees at small businesses?
For example, an employee receives an email from someone with their boss’ name that has an urgent request. An untrained employee might not think twice about responding and providing the requested information. Small businesses are prime targets for social engineering attacks like these since attackers may be able to more easily find information about the employees at the company and what the hierarchy of the company appears to be.
With awareness training, employees can better spot fraudulent or malicious requests, and do something about it before they end up a victim.
3. There’s Still Money to be Made in Small-Time Hacks
While the big data breaches make the news every few months, there are hundreds of thousands of smaller breaches that happen every year. Large companies spend a significant amount of money on cybersecurity – making them more difficult and time-consuming to hack – so many attackers choose to go after lots of smaller organizations instead.
Stealing little bits of easy-to-get data from a large number of small businesses can make for a big payday on the dark web. Hitting just a few companies with ransomware, then demanding $10,000 to decrypt can net a hefty profit from those willing to pay to get their business back up and running as quickly as possible.
Protecting Your Business
Even if you’ve somehow managed to survive the past few years without a data breach, statistically speaking, you can be sure that the hackers will make their way to your business eventually. Knowing that, it’s important for you and your organization to be prepared for the inevitable.
By protecting your business through proper IT and cybersecurity management, you can mitigate many of the ways cybercriminals attempt to infiltrate your network. However, it’s also critical to know what to do in the event that the cybercriminals find their way in.
You should never pay a ransomware attacker without consulting a cybersecurity professional. Your IT provider should have protocols in place for managing a ransomware attack, and be able to lead your response strategy.
Please reach out to us for more information on how to keep your employees trained and aware of threats in today’s every chaining security landscape.