New computer crimes continue to pop up—like cyber extortion, denial of service attacks, and data theft from sources like cloud storage. That’s on top of information being stolen from un-shredded documents, computers, smart phones, websites, email, and social media. Here’s what criminals are after:
- Customer data
- Lease, sales, and rental agreements
- Third party confidential information
- Employee data
- Personal information like Social Security numbers
- Health information
- Tax information
- Company data
- Credit, debit, and other payment information
- Financial information
- Account balances
- Loan histories
- Credit reports
- Email, phone, and home addresses
Protect your company and customers
Protection is possible. Front-end data security makes it harder for a hacker to get in. Other security and data backup upgrades might also limit the damages. In addition, data extortion coverage helps provide extra peace of mind. Here are some other things you can do to help protect your business and your customers’ valuable information:
- Identify sensitive data: Look for Social Security and driver’s license numbers, as well as any health and financial information.
- Note where it’s located: Identify whether it’s electronic or on paper, how it’s used, and whether you really need to collect it or store it. If not, consider not asking for it or deleting it immediately after any required use.
- Back up data: Ensure any data critical to your company’s existence is secured and copied to a separate storage site.
- Ask an expert: Have a software/hardware security expert check your system for strong encryption and authorization protocols.
- Immunize your system: Make sure your antivirus package is current and able to block attacks.
- Educate employees: Teach workers to recognize and delete potential phishing scam emails.
- Power up passwords: Require strong user passwords and regular resets to toughen security.
- Avoid future problems: If you meet an extortion demand, scan your database to make sure other malware hasn’t been attached that could allow future attacks.
Dealing with ransomware
If the unthinkable happens and you are attacked by ransomware infection, you’ll want to respond right away. Take the following steps:
- Disconnect any infected machines from your network (wired and wireless) as soon as possible
- Contact law enforcement and your insurance provider immediately
- Evaluate the extent of the infection, identify the ransomware variant type if possible, and determine whether the infected machine was connected to shared or unshared network drives, external hard drives, USBs, or cloud-based storage
- Check for any registries or file listings created by the ransomware
- Clean the ransomware from the impacted systems and reinstall the operating system
- Restore from a reliable backup
Paying a ransom
If you don’t have a backup and decide to pay the ransom, there are a few things for you to consider. Are you comfortable paying an unknown source? And since you’ll be using your organization’s funds to make a ransom payment or pay an unknown source, are there any compliance or legal considerations you need to address? Also, keep in mind that you should scan any files you’ve received from the criminals for malware.
If possible, consider testing the decryption key on a backup of the encrypted data, so you can determine if it works without potentially causing a data corruption issue with your encrypted data.
At Hortica, we want to assist you in protecting your business by providing the information and resources you need to help prevent losses before they happen. Give us a call at 800-851-7740. Let’s have a conversation about protecting your critical data.
Learn more about protecting your business, check out the Hortica Resources section.
Concerned about equipment thefts from your business? There are ways to protect yourself.
Security cameras may provide you some extra piece of mind. Check out the details.