This is a guest post from Georg Dauterman, CISSP, President of Valiant Technology.
It’s 8:15 AM on a seemingly typical Monday. You sit down to your computer, fresh cup of coffee in hand, and open Outlook — but something on-screen isn’t right:
The files you need for today’s budget planning session are in your inbox, but they have been encrypted along with everything else. The information you need is right in front of you, and you can’t open any of it. Why?
You think back to Friday afternoon. An email came in with a link to what looked like a Microsoft Office 365 login prompt, so you supplied your username and password and moved on with your day. But the email wasn’t from Microsoft; it was a phishing attack designed to steal your credentials.
Your account credentials are now in an attacker’s hands, and so is every system in your business that uses the same username and password. How will this impact your business?
What are cyberattacks and how do they affect my business?
Security events like the one described above, a phishing attack that leads to business email compromise, are one of many ways attackers gain access to your systems and proprietary information, and no business is immune.
Attacks like these can have a devastating impact on your business, interrupting operations and revenue generation, harming your reputation, or even prompting legal action. By one widely cited estimate, 60% of small businesses close in the wake of such an attack.
Most small businesses do not have the in-house resources to protect themselves from attacks like this, but there are five simple and powerful steps you can take to protect your company, customers, and yourself!
1. Use Only Strong and Managed Passwords
Passwords are the first line of defense for most business systems, and the overall security of a system is only as good as the weakest password in use. Length matters more than any single character class, so a long passphrase beats a short string of symbols. At a minimum, create passwords that follow these guidelines:
- 10 characters minimum
- Use a combination of letters, numbers, and special characters
- Always create unique passwords instead of reusing them
Strong passwords are hard to remember, so store them in a password manager such as LastPass rather than on sticky notes. With a password manager in place you only need to remember a single master password; the manager generates, stores, and fills the rest.
In our scenario, a unique password for Microsoft 365 would have confined the damage to that one account instead of exposing every system that shared the same password.
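As an added illustration (not part of the original post), the following Python shows what a password manager's generator does behind the scenes: it draws from the operating system's cryptographic random source rather than a predictable generator, checks the post's three rules, and estimates how much guessing resistance a randomly generated password of a given length provides. The rule set and the 94-character alphabet are assumptions chosen to match the guidelines above; uniqueness across sites cannot be checked by a function like this and is left to the manager itself.

```python
import math
import secrets
import string

MIN_LENGTH = 10  # the post's minimum; longer is always better
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 characters (assumption)


def meets_policy(password: str, min_length: int = MIN_LENGTH) -> bool:
    """The post's rules: minimum length plus at least one letter, one digit
    and one special character. Uniqueness across sites is not checked here;
    that is the password manager's job."""
    if len(password) < min_length:
        return False
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_special = any(c in string.punctuation for c in password)
    return has_letter and has_digit and has_special


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Guessing resistance of a uniformly random password of this length,
    log2(alphabet_size ** length). Only meaningful for generated passwords;
    human-chosen ones are far more predictable than this figure suggests."""
    return length * math.log2(alphabet_size)


def generate_password(length: int = 16) -> str:
    """Generate a password the way a manager does: from the OS CSPRNG
    (secrets, never random), retrying until the policy is satisfied."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if meets_policy(candidate):
            return candidate


if __name__ == "__main__":
    for sample in ("summer2023", "Summer2023!", generate_password(16)):
        print(f"{sample!r}: policy {'ok' if meets_policy(sample) else 'FAIL'}, "
              f"{entropy_bits(len(sample)):.0f} bits if randomly generated")
```

A 16-character password from this alphabet carries roughly 105 bits of entropy when generated, which is why a manager-generated password does not need to be memorable: the only one you memorize is the master password.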
2. Add Multi-Factor Authentication for Added Security
Strong passwords are an important part of a business’s security, but more is better. Multi-factor authentication (MFA) requires more than just a password when logging into a system. A temporary code from an authenticator app, or failing that from a text message, provides a second factor: proof of possession of a device the attacker does not have. Prefer an authenticator app or a hardware security key over text messages, since SMS codes can be intercepted through SIM-swap attacks, and be aware that one-time codes can still be captured by a phishing page that relays them to the real login in real time; a security key is the option that resists that.
If MFA had been in use in our scenario, the attacker would have held only one factor, the password, and could not have signed in to any resource protected by that username and password.
3. Use an Anti-phishing Email Filtering System
The anti-spam and anti-phishing protection built into most cloud-based email services is good, but it falls short of products dedicated to protecting email from threats. Options such as IRONSCALES, a tool we use to protect our clients’ email, are ideal: it works with both Microsoft 365 and Google’s G Suite and protects email with shared learning systems and advanced AI.
A modern mail filtering system would have flagged the message in our scenario as suspicious, or quarantined it as a confirmed threat, before anyone could click through to the phishing page.
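As an added example of the kind of check a filter applies, independent of any vendor and not code from the original post, the Python below inspects a constructed message modelled on the scenario: a sender whose display name claims to be Microsoft but whose address is on an unrelated domain, and a link whose visible text shows the real Microsoft login host while its `href` points somewhere else. The sample message, the trusted-domain set, and the two-label "registrable domain" shortcut are all assumptions made for the demonstration; a production filter uses the public suffix list and many more signals.

```python
import email
import email.utils
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample modelled on the post's scenario; not a real capture.
RAW_MESSAGE = """From: "Microsoft 365" <alerts@office365-login-secure.example>
To: you@yourbusiness.example
Subject: Action required: your mailbox is almost full
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your mailbox storage has reached 99%.</p>
<p>Sign in at <a href="https://office365-login-secure.example/verify">https://login.microsoftonline.com</a> to fix this.</p>
</body></html>
"""

# Assumption: domains this tenant legitimately receives Microsoft-branded mail from.
TRUSTED_SENDER_DOMAINS = {"microsoft.com", "microsoftonline.com"}


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in the HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host: str) -> str:
    """Crude: keep the last two labels. Real filters use the public suffix list."""
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def find_phishing_indicators(raw: str) -> list:
    """Return human-readable findings; an empty list means nothing suspicious was seen."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    # Signal 1: brand name in the display name, sender on an unrelated domain.
    display_name, addr = email.utils.parseaddr(str(msg["From"]))
    sender_domain = addr.rsplit("@", 1)[-1].lower()
    if "microsoft" in display_name.lower() and registrable_domain(sender_domain) not in TRUSTED_SENDER_DOMAINS:
        findings.append(f"display name claims Microsoft but sender domain is {sender_domain}")

    # Signal 2: the link text shows one domain while the href goes to another.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            href_host = urlparse(href).hostname or ""
            text_host = urlparse(text if "://" in text else "//" + text).hostname or ""
            if text_host and registrable_domain(text_host) != registrable_domain(href_host):
                findings.append(f"link text shows {text_host} but points to {href_host}")
    return findings


if __name__ == "__main__":
    for finding in find_phishing_indicators(RAW_MESSAGE):
        print("WARNING:", finding)
```

Run against the sample it reports both signals; a genuine notification from a Microsoft domain whose links point where their text says they do produces no findings. Either warning is enough for a filter to rewrite the link, banner the message, or quarantine it before a user in the scenario above ever sees the fake login page.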
4. Keep Your Computers and Mobile Devices Updated
Attackers watch patch releases closely. The release notes and the differences between the patched and unpatched code tell them exactly what was fixed, and they turn that knowledge into exploits against devices that have not yet installed the update.
Be sure to keep your computer’s operating system and applications updated; the same goes for mobile phones, tablets, and other devices. Up-to-date software is the main protection against known vulnerabilities. Start with Windows Update or macOS Software Update, then enable automatic updates for your applications wherever possible.
5. Protect Your Information in The Cloud
Think of backups as the ultimate “undo” button. If you have accidentally deleted a file, or worse, have fallen victim to business email compromise, a backup can restore your business to a point in time before the attack took place.
A cloud-to-cloud backup copies your Microsoft 365 or G Suite data to a separate provider, held apart from the compromised account, so you can restore from it to undo the immediate effects of business email compromise, or simply to recover an accidentally deleted file.
In the case of our scenario, a backup from before Friday afternoon could have been used to restore your email and get back to your business data. Restoring data is only one step in responding to a successful attack (the compromised password must be changed and the attacker’s sessions revoked, for a start), but you will have the data and records you need to keep operating and to investigate the security event.
Stay safe online and improve your defenses!
By following these simple but effective steps, you can greatly improve your defenses against common cyberattacks and quickly restore your data and operations if an attack does succeed.
Georg Dauterman, CISSP, is the President of Valiant Technology, a New York-based Managed IT Service Provider specializing in solutions for the communications and professional service industries.