You’re probably very busy right now, so here is the bottom line. Hackers know that you are worried about other things right now, so this is a good time to launch an attack, hopefully getting in before you detect them and hiding. This means that you need to have an effective Security Event Monitoring solution in place to try and keep the bad guys out. If you don’t, contact us, we have a great, cost effective one.
Hackers have figured out that you are taking your eye off the security ball right now as you try to keep the train on the tracks.
Last night’s post talked about all of the phishing activities that are going on right now, but that is not all that is going on.
PROBLEM #1
This past weekend the U.S. Health and Human Services network was hit by millions of attack attempts. They claim that they were able to fend off the attacks, which I believe. HHS says that they added extra layers of defense in the past few weeks, likely working with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
While HHS was able to fend off the attack, would you be able to fend off an attack?
They say that they don’t think any data was stolen.
PROBLEM #2
Hackers are using our fear of Coronavirus to get us to click on links, download files and open attachments. One such example is a supposed Android app that helps you track the spread of the virus. Unfortunately, if you install this app, it will change your screen lock password and demand a ransom to unlock it. The hackers demand a $100 ransom in bitcoin and threaten to delete your photos and contacts and publish your social media credentials if you don’t pay. This is only one example of what the hackers are doing.
A ransomware attack while you are trying to get people to be able to work remotely is a disaster.
PROBLEM #3
Hospitals (and other businesses) are being hit by ransomware attacks. Hospitals in particular are a real problem. Some of those being attacked are smack in the middle of dealing with the Coronavirus and this is taking them out of play. Same thing with your company. This would not be a good time for you to be hit by a ransomware attack – not that any time is. Are you ready?
Look at the statistics
The volume of attacks is dramatically increasing because the attackers know that in the midst of everything else, you are more likely to pay to make them go away. And your employees are more likely to make a mistake and click on a bad link.
Cynet is a security tool company and here are two charts that they have created. First the number of email attacks:
Look at the jump in the number of attacks. That looks like a 300% increase. That will likely continue.
Now look at the attack vectors:
The two big attack vectors are weaponized documents of some sort (slightly less than half) and then email (slightly more than half).
Okay; so now that I dragged you through all of this, what should you do?
This is not new. If you are one of our customers, you have heard this before. You need to implement a security event logging and alerting. I know, you don’t have the time or the budget. Do you have time to be down for 30 days right now?
Very few companies have the ability to do this themselves. We have looked for a good and affordable solution for a couple of years now and we think we have found one.
As you juggle all of the balls that you are juggling right now, unfortunately, you really need to add this one to the mix. Sorry.