Cyberattacks continue to be on the rise, with ransomware leading the charge. To show how significant the rise is, the shift to remote and hybrid work models caused by the pandemic contributed to a 300% increase in reported cybercrimes, according to Datto. That is not even factoring in the war in Ukraine and natural disasters happening around the world, which increase the rate even more. It’s mind boggling.
The Conti ransomware attack in Costa Rica in April, the Marriott data breach and, more recently, Uber with its cybersecurity incident are examples of highly publicized cyberattacks in 2022. Although big-name businesses often are spotlighted when an attack happens, organizations of all sizes do need to be concerned – everyone is a target and it’s not likely to get better any time soon.
“We’re seeing a marked increase in ransomware and SMS phishing schemes, and there are concerns that cyberattacks could rise in the short term as online fraudsters attempt to capitalize on the economic fallout of Hurricane Ian,” said Dan Shapero, president and chief operating officer of TeamLogic IT.
Because of those concerns and with October being Cybersecurity Awareness Month, TeamLogic IT reminded businesses to implement practices to improve IT security.
Bad actors in cyberattacks are tricksters. They find ways to fool employees into clicking on malicious links to get into the network. They also like to trick employees into providing sensitive information through email. With a little under 85% of data breaches involving a human element, according to Verizon's “2022 Data Breaches Investigations Report,” it is important for companies to educate employees. Train them to recognize and report phishing and other suspicious online activity.
Passwords are a wall of defense, and multiple levels of passwords naturally create hurdles for bad actors. Companies need to enable MFA to ward off potential attacks. While on the topic of passwords, encourage employees to create stronger passwords. Complex passwords are another means of detouring would-be cybercriminals. Companies should consider using an encrypted password manager to strengthen password practices.
Software updates are vital. They keep all devices running smoothly. Updates also prevent potential security issues. Updates should be made as soon as they are available – do not delay them. Lastly, businesses should avoid leaving themselves vulnerable to attacks by cutting back on front-end steps to protect their IT infrastructure.
“Businesses need to ensure they’ve implemented these and other essential IT security best practices and that they stay up-to-date on the latest threats and ways to protect themselves,” said Shapero.
Managing security isn’t easy and takes real effort and expertise, which most SBS don’t have internally. That’s why so many are leaning on their MSPs to provide security services, in addition to meeting their other IT needs. Not having effective security measures in place is simply too risky.
Edited by
Erik Linask
