I read a blog entry this morning by M. Scott Ford – Founder & Chief Code Whisperer, Corgibytes, LLC where he points out the error of Homeland Security Secretary Michael Chertoff likening of Digital Attacks to Biological Attacks and urges another mind set.
Like it or not, digital warfare is a part of our new norm. We need to see it for what it is – perpetrated by would be thieves around the globe – usually to pick our pockets. This intent or desire isn’t new just the form of the attempted theft. As such, we shouldn’t cower from or have some primal-fear reaction to this age-old problem, we just need to adjust our mind set.
There are ways to protect and prepare for such violations to mitigate fear, loss and downtime.
How often to you back up your computers? Do you have employees that work from home? Who handles your tech security? What should you do in the event of a breach or ransomware? Have you discussed current threats or phishing scams with employees?
As noted on www.Barkley.com by author Jonathan Crowe most Ransomware is distributed via Phishing and over 30% of those emails are opened. This is a topic that REALLY needs to be discussed on a companywide level for all size companies. Small business seems especially at risk without the larger resources of capital or manpower to focus efforts.
Barkley also has fabulous suggestions for protecting against Phishing:
- Add a layer of runtime malware defense on top of antivirus
- Have a solid backup strategy and test it properly
- Let users know what to do if they do have an infection
- Disable Microsoft Office macros
- Configure user settings to show file extensions by default
- ABP: Always be patching … meaning updating
Most of these are pretty easy to do with a good system in place. Most of it just takes a plan of defense … or an IT Guru/company if you prefer to find someone to do it for you.