Small businesses are under attack. Right now, extremely dangerous and well-funded cybercrime rings from all over the world are using sophisticated methods to hack into small business systems to steal company and client information. Some rings are even being funded by their own governments.
Their weapon of choice―SPAM. Statistica reports that as of March 2018, over 48% of email traffic worldwide is SPAM―many carrying malware designed to infiltrate networks through infected workstations.
Fact: there is no one security system that is 100% effective in preventing a cyber-attack, especially when humans are involved. People are the weakest link and consistently click on infected links or open virus-laden attachments in SPAM emails. That’s why SPAM is so prevalent.
However, there are some things you can do now to protect your business:
- Make sure your employees are aware of how attacks occur. Have them read our blog and pass around this newsletter. In fact, learn to identify SPAM emails. Read our post on the subject.
- Patch and update Operating systems and third-party applications continually.
- Update anti-virus/anti-malware programs on all systems and never operate without them.
- Don’t click on any links or open attachments in unsolicited emails. Hackers often spoof well known, trusted brands. If you cannot verify using their official, published contact info―delete it.
- Most financial institutions don’t send attachments. They’ll post messages and documents to your account. Never click on anything in the email, always go to their official website and log into your account. Anything of importance would be noted there; or just call them.
- Disable Office macros. Hackers use macros to deliver malicious payloads when targets open attachments. Disabling macros gives you an added layer of protection in case you mistakenly open an attachment in an email (which you should never do).
- Enable two-factor authentication, where available.
- Limit access to confidential files to only those that need it.
- No one should operate their workstation on a normal basis with administrative-level rights.
- Most important―businesses should install a Hybrid-cloud Business Continuity system to protect its data. While Business Continuity systems cannot prevent ransomware and other malicious attacks, they can ensure fast and complete recovery—data backup only protects you from data loss, not from downtime. Many go out-of-business waiting to recover.
For a business, it is not a matter of if, but when it will experience a cyber-attack. How well you prepare your company to respond to such a disaster could be the difference between going forward or closing your doors for good.
Don’t be a sitting duck. Act now!