Cyber Security is a Very Real, Everyday Issue
Having attended a most enlightening event at the Lower Bucks County Chamber of Commerce, I felt compelled to draft a quick article with my thoughts on what I learned today. We, at SyncraTec Solutions, were already aware of Ransomeware attacks like Crypto Locker and Crypto Wall as we’ve actually had clients that have been inflicted with these threats. The threat is to your business data. The attack could come from any user clicking on a link in an e-mail or opening an attachment in an e-mail.
This was the lesson of the day. Train your employees (and friends and family members) not to click on links or attachments in suspicious e-mails. Also, lesson number two: look at the domain name of the email address very carefully if you’re at all suspicious. An e-mail from somebody at email@example.com is not the same as an e-mail from firstname.lastname@example.org. Make sure you trust the source before clicking through a link or opening an attachment. Sometimes, the best thing to do is to call the sender of the e-mail to confirm that they actually sent you a particular e-mail, if you have any doubt about its authenticity. Calling the source is one form of two-factor authentication, which is something we’ll probably all be more familiar with in the months and years ahead, as a way of verifying you are who you say you are online. If your colleague is not aware of the e-mail, then they have been hacked, and the most courteous thing to do in that case is for your colleague to advise everyone in their address book that the attachment or hyperlinks in the e-mail potentially contain a Trojan Horse virus.
Cyber Security Basics
At SyncraTec, we do our best to protect our clients data. We have firewalls, and anti-virus, and anti-spam deployed to all servers and desktops, and kept up to date. We have nightly data backups and online backups. But it only takes one bad decision to let the attack in through the unsuspecting click on an a malicious link or attachment, much like leaving an open window on an otherwise secure house.
One thing that is for sure, if you get hit with some kind of ransomewear — and you don’t have any data back-ups — then the only way to un-encrypt the data on your local hard drives is to pay the ransome. The problem is that these types of attacks usually affect all the hard drives on your network — both client PC’s and laptops and shared network drives on servers.
We’ve found that off-site or online backups provide a means for recovering your data without paying the ransome. First you must use the tools at your disposal, such as Symantec Endpoint Encryption, to locate, identify, and eradicate the virus at its source on your network. Then, if you’ve prepared for such a disaster, you can restore your data from your most recent backup.
Thanks again to the Lower Bucks County Chamber of Commerce for an informative presentation today by Michael C. Quinn, Associate Managing Director of Kroll Advisory Solutions Cyber Investigations: https://www.kroll.com.