What would you do if you walked into your workplace one day and found the following message:
“YOUR FILES ARE ENCRYPTED – IF YOU WANT TO RESTORE YOUR DATA YOU MUST PAY”
This is a ransomware attack. These messages always include a second line demanding payment within a very short timeframe, typically with Bitcoin to release your critical data. A prominent form of malware (malicious software), ransomware is easy to access, simple to use, and catastrophic on unprepared organizations.
If your family business were hit by a ransomware attack at this moment, would you know what to do? For many, the answer is no.
This is unfortunate, as family-run businesses are equally vulnerable to cyber threats as larger corporations. In fact, because well-known, high net worth individuals commonly utilize family offices, they attract more attention and become particular targets. Additionally, most family-run offices have employees who regularly travel, accessing important financial and personally identifiable information (PII) from a variety of locations.
It can be difficult to achieve a balance between efficiency and security, but protecting your technology and locking down access to valuable data should be your highest priority.
First, you should have a better understanding of ransomware.
Business owners, leaders and board members do not need to learn the technical terminology distinguishing ransomware, but understanding the working basics of it allows you to have constructive conversations with technical experts on the subject.
So what do you need to know about ransomware?
Ransomware is a type of malware that prevents you from accessing your computer and the data on it. Typically, the data is encrypted, but it may also be stolen, or released online.
A majority of the ransomware we presently see operates on an ‘enterprise-wide’ scale, where the entire network is affected, as opposed to just one user or one machine. Once attackers access your network, they typically take their time in working out where critical data is saved and how backups are made and stored. Armed with this exclusive information the attacker can encrypt the entire network at the most critical moment.
Typically, the attacker will then reach out to the victim using an untraceable email address (or an anonymous web page), and demand payment to unlock your computer and/or access your data. Payment is demanded in a cryptocurrency and may involve negotiation with the humans behind the ransomware.
This a precarious position, because even if you do pay the ransom, there is no guarantee that you will regain access to your computer or stolen files.
Moreover, our MCDA CCG have seen instances where cyber criminals threaten to release sensitive data stolen from the network during the attack if the ransom is not paid. It’s imperative to know that the government strongly advises against paying ransoms to criminals, including when targeted by ransomware.
So what should you be doing to ensure that your organization is prepared for a ransomware attack and in the best position to effectively respond?
Here are some initial steps you should take to reinforce your cybersecurity…
Arm Yourself With A Policy
Do you have a documented cybersecurity policy in place? If not, it’s time to create one. Ensure your employees thoroughly understand expectations and their responsibilities, and regularly train and test them to ensure compliance. Cover important topics such as:
- How should we store sensitive information?
- How should we transmit sensitive information?
- If an employee clicks on something suspicious, what should they do?
It only takes a single person to make one very costly mistake; have a policy in place before you find that it’s too late.
Don’t Trust Every Email
Email is often used by cyber criminals to invade networks, when an employee accidently clicks on a suspicious link, you are risking malware downloading onto your network. Business Email Compromise (BEC) is another common tactic where a hacker impersonates an executive or client with the aim of getting a target to send money or sensitive information. While some cases of this don’t pose too serious of a threat, there are situations where the criminal has compromised a server or has hijacked account credentials.
Whichever method is used, the lesson is the same: utilize discretion with every email you receive. Always leverage multiple methods beyond email to confirm the sender’s identity and intent before engaging, and never transmit sensitive information via unsecured email or text.
Reinforce Company Passwords
Do you reuse passwords? You may not be surprised that many businesses do, but when individuals reuse passwords across multiple accounts, a breach of one account threatens all the others.
To avoid this, the best strategy is to utilize complex, lengthy and unique passwords for each account. Yes, these passwords are difficult for anyone, and it’s hard to expect your personnel to keep track of them – this is where a password manager can help. A reputable password manager will create strong passwords for you and then store them in a cryptographically-sound way.
In addition to utilizing strong passwords, enable Multi-Factor Authentication (MFA) where you can, particularly to protect your high-consequence systems. Beyond a typical username and password, MFA allows you to add additional verification to confirm users’ identities – registered trusted devices, fingerprint scans and security keys are all examples of MFA.
Protect Your Network
Training your employees to identify and counter social engineering schemes comes with its own challenges, but you must do so to reinforce cyber security at your family office.
Begin by implementing a reputable, American-made anti-virus product on all business related computers and laptops. This will protect these devices from future malware invasions and clean up any existing infection. Ensure that you keep all software up to date across your devices, and install security upgrades (called “patches”) in every released update. To do this properly you must have an accurate inventory of all devices and software the business is using.
Limit Online Sharing
While social media allows us the instant ability to connect with others, its popularity has made it the perfect place for cyber criminals and blackmail attempts. Always limit how much you share on social media, and reinforce the privacy settings on your accounts. Furthermore, only give applications the permissions they really need because granting access to your photos, location, camera, contacts, etc., to limit the amount of personal information available to the application owner.
Traveling or accessing information from a remote location poses a unique set of cyber-risks and challenges. The best strategy here is to avoid using public Wi-Fi hotspots, which make your communications and internet traffic vulnerable to interception. Instead, create a personal hotspot with your phone and connect through an LTE, and you should apply additional protection in the form of a Virtual Private Network (VPN).
In general, when traveling, be picky about the devices you bring with you, never leave them unattended and refrain from using public computers or publicly available charging cords or USB ports.
Hire an Expert
To put your cybersecurity in the best position possible, you may wish to engage the services of a cybersecurity expert.
A cybersecurity expert can conduct a vulnerability assessment, train your staff and clients, evaluate your vendors and advise on encryption tools, insurance, document storage, network monitoring and more. Our MCDA CCG team is partnered with some of the top cybersecurity firms intent on bridging the gap between top-level digital security and the modern day business.
Don’t wait for a threat or attack to trigger your response, preparation is your best strategy in this situation. Call our office – headquartered in Placentia, Orange County, California, to speak with one of our experts to find out how we can effectively meet your cybersecurity needs while saving you the substantial costs associated with conventional methods.
The call is free, contact us now!