Small Business Cyber Risks - Why me?
Every business is subjected to a barrage of cyber attacks every day. Regardless of your business size, your email, web site and network are being probed and tested for vulnerabilities. Small business owners often say they don’t have the time or resources to address these issues. Unfortunately, you do not have a choice: you can protect yourself or be a victim.
Why would a bad actor target you? Here are some of the ways to become an attractive target.
Cyber attackers generate emails that ask for personal information, credit data, bank account information and passwords. These are called “Phishing” attacks and they are the most common type of cyber threat. You can attract these threats by not having an effective email screening and blocking process.
The cybercriminal uses the same type of email software to send their phishing campaigns as a legitimate firm may use for customer solicitations or fundraising for a non-profit. The software can track how many emails are opened, forwarded, and how many links within the emails are clicked. This is a tool to measure the effectiveness of the campaign.
If you have a small number of email addresses associated with your domain name, it is easy for your domain to have a high percentage of opens, forwards, and clicks. In a ten-person organization, if 3 people open or forward a message and 1 person clicks a link you have a 30% open rate and a 10% click rate. This is a major success for the cybercriminal.
Your email addresses and domain are now identified as vulnerable and would be a more valuable target in the future. Since many of the phishing emails appear to come from the CEO or owner of the firm, getting a high open rate or click rate is not uncommon. Having good email screening discipline is critical and low to no cost as a safeguard.
Teach your staff to mouse over the sender’s name to see their email address. If the email address is not what you expect to see, immediately block that sender. Do not forward the email to everyone to tell them it was a scam. Doing so increases the open rate and forward rate for this attempt. If your internet service provider (ISP) has a security feature to report suspicious emails, use it. If the phony email was supposed to be from one of your vendors, alert them to the event.
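The mouse-over check described above can also be done automatically on incoming mail. The following is an added example, not part of the original article; the names, domains and sample messages are constructed, and the `EXPECTED_DOMAIN` table and `sender_verdict` function are hypothetical.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed (constructed) table: names staff expect mail from, and the
# domain each of those senders really uses.
EXPECTED_DOMAIN = {
    "pat owner": "example.com",                        # the owner / CEO
    "acme supplies billing": "acme-supplies.example",  # a vendor
}

def sender_verdict(raw_message: str) -> str:
    """Compare the displayed sender name with the address behind it.

    Returns "ok", "mismatch", or "unknown" (no expectation for that name).
    """
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    name = " ".join(display.split()).lower()     # normalise spacing and case
    domain = address.rpartition("@")[2].lower()  # text after the last "@"
    expected = EXPECTED_DOMAIN.get(name)
    if expected is None:
        return "unknown"
    # Exact match only: "example.com.mail.test" is not "example.com".
    return "ok" if domain == expected else "mismatch"

# Constructed sample messages (headers and a one-word body).
SAMPLES = {
    "genuine": "From: Pat Owner <pat@example.com>\nSubject: Payroll\n\nHi",
    "freemail": "From: Pat Owner <pat.owner@freemail.test>\nSubject: Urgent\n\nHi",
    "lookalike": 'From: "Pat  Owner" <pat@example.com.mail.test>\nSubject: Wire\n\nHi',
    "vendor": "From: Acme Supplies Billing <invoices@acme-supp1ies.test>\nSubject: Invoice\n\nHi",
    "other": "From: Newsletter <news@shop.test>\nSubject: Sale\n\nHi",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:10} {sender_verdict(raw)}")
```

A "mismatch" result is the case to block and report; "unknown" only means the table has no expectation for that display name.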
Ransomware is the introduction of software in your network that encrypts the data and makes it unusable. The cybercriminal then offers to reverse the process for a payment. The bad actor may also threaten to release your data, including confidential and personal information if you do not pay.
The keys to preventing a ransomware attack fall into low-cost efforts that should be part of your normal operations.
Update your software. Operating systems can download and install updates automatically. Unless you have a dedicated IT department, use the automatic update features to keep your systems in the best protection status.
If you have on-premises servers for files and email service, be sure you have the proper updates and security processes in place. Many small firms lack the IT expertise to manage these systems. Know your limitations and respect those exposures.
Have an antivirus and anti-malware program in place. Use the automatic updates for this service to keep it current. Many of these products include automatic update screeners for your other software to keep it updated.
If you have off-premises access to your data, use Multi-Factor Authentication (MFA) to have a second layer of access control. MFA is becoming a mandatory feature for some cyber liability insurance providers. No MFA, no coverage.
If you have a cyber liability policy, the carrier may have resources for your use to help you protect yourself. Most cyber policies have information attached to the policy about support services available.
A very comprehensive resource is provided by the US Government. The Cybersecurity & Infrastructure Security Agency (CISA) has screening tools and sample policies that can be used. Visit www.cisa.gov for access to this information.
The Driehaus Difference
We want you to be successful. In reality, the amount of coverage available for cyber liability losses is not sufficient to cover all of the expenses of the event. We want our clients to make informed decisions about managing their exposures and implementing controls that are sustainable and affordable. Call us at 513-977-6860 to reach one of our staff members or contact us via our website www.driehausins.com.