Barely one month into 2017, cybercrime is already making headlines. Two major stories broke just this week: first, 2016 shattered all previous data breach records, with more than four billion records compromised worldwide. In the United States alone, more than 2,000 data breaches were reported — 10 times as many as the United Kingdom, which came in second with 203. And from those breaches, United States companies lost nearly 3 billion total records — again, 10 times as many as Russia, the second-place finisher on that list.
The second major story came out of Texas, where the Cockrell Hill Police Department admitted in a press release that eight years of critical materials — body camera video, in-car video, in-house surveillance video, photographs, and all Microsoft Office documents — were lost after department servers were infected with ransomware.
The first story doesn’t come as that big of a shock: Yahoo’s record-breaking announcement that 1.5 billion records were stolen in the two biggest data breaches of all time meant 2016 was guaranteed to be a record year. In all, the top four breaches of all time (and eight of the top 20) occurred last year.
But the Texas police department story is particularly troubling for small to medium-sized businesses that rely on their data for day-to-day operations. The attack originated with a phishing email from a spoofed email, or one that closely resembled an official account (think firstname.lastname@example.org instead of email@example.com).
According to reports, the devastating infection took place when a police officer opened a spam email from the spoofed address. The security infiltration was discovered on December 12th, 2016, when unidentified cybercriminals encrypted the police department’s data and demanded $4,000 in ransom to unlock the files. After contacting the FBI’s cyber-crime unit, department executives decided not to pay, instead wiping their data server clean and reinstalling encrypted data from a recent backup. Unfortunately, that backup also became infected when the ransomware installed itself on the officer’s computer, leaving the backup data inaccessible as well.
What can you do to protect your company from data breaches, phishing attempts, and ransomware infections like these?
1) Remote, redundant, off-site data backup.
The Cockrell Hill Police Department in Texas was only one step away from achieving this last crucial piece of the cybersecurity puzzle — but the fact that its data backups were stored locally prevented them from recovering fully from their recent ransomware infection. With reliable off-site data backups captured on an automatic, regular basis, however, businesses can bounce back from even the most devastating virus.
2) Multi-layered network security to achieve comprehensive protection.
Today’s constantly evolving security threats require constant vigilance, something that no single IT solution can achieve on its own. That’s why CMIT Solutions layers proactive management and maintenance of technology infrastructure with industry-leading firewall, anti-spam, anti-malware, network analysis, content filtering, and password security tools. Hackers are working 24/7 to steal valuable business data, which requires a 24/7 approach to cybersecurity.
3) Modern security awareness training for employees.
As the Texas police department story illustrates, the well-meaning folks who work at your company can present a huge security threat. Just one click on the wrong email led to the disappearance of eight years of data, which is why security awareness training for all staff members is a must. Starting with basic concepts like not clicking on ANY external links or downloading ANY unexpected attachments and always looking out for spoofed emails, comprehensive security policies and workflows can help employees serve as the front line of defense for your company.
Don’t let the 2017 tide of cybersecurity problems sneak up on your business. If you want to more about the importance of data backups or the necessity of trusted and vetted policies and procedures for your employees, contact CMIT Solutions today. We take care of IT security so you don’t have to.