Unfortunately, the bad guys are getting good at taking advantage of your small business.  How?  By using everyday tools that you use to do business and turning them against you.  According to Webroot’s 2018 Cyber Threat report, there are 5 top threats that you as a small business and we as a technical team need to be aware of to prevent your business from becoming a statistic.

  1. Ransomware: Ransomware is defined as “a type of malicious software designed to block access to a computer system until a sum of money is paid.” Ransomware is one of the costliest cybercrimes that happens daily.  Thieves encrypt your files on your PC or server and offer to send you the unencrypt code if you pay them a certain amount of money.  Unfortunately, they are thieves and may or may not actually give you your files back.  From an IT standpoint, the best defense is your backup.  We recommend saving any files you need to a network drive on the server (your home directory or a shared drive) so that it is backed up every day.
  2. Phishing: We all have gotten the email about the person wanting to share their millions with us. We know that was a scam and they just wanted our information.  But how about the email where your boss wants you to help him out by wiring some money?  Or your customer gets an invoice from “you” and they go to pay it, but you never get the money because it didn’t really come from you.  Phishing scams are emails where the thief is looking for money or information to get into your account.  If you aren’t expecting an email or you are at all suspicious call the sender or contact your IT provider to verify its legitimacy. Be suspicious and stay safe.
  3. Malicious Mobile Apps: Most people today use smartphones which run all sorts of “apps”, from email to games. Unfortunately, those apps may or may not be vetted or legitimate apps. Webroot reports that up to 1/3 of all apps that are available in your favorite app store are built with malicious intent.  Your biggest defense on this is to know about your app.  Read reviews and do research if you don’t know.  Know what your apps need access to on your phone.  Deny access when needed and be wary of what apps need access to.
  4. Cryptojacking: Cryptojacking is when a tiny change to your system yields big results for the thief. You may never even know that your pc has been cryptojacked until you notice it is doing odd things.  Thieves will attach the small change to an email or document and when you open it, the attachment will run a macro in the background that will make a small change to your PC.  Over time, these errors will lead to a steady return for the thieves.
  5. Polymorphism Malware: It used to be that static lists were kept updated for your anti-malware to filter out any malicious requests or software on your computer. Webroot reports that of the millions of executable files that it analyzes each year, up to 94% of them were now considered “polymorphic”, meaning there was a little variation in the malware binaries that prevent the lists from filtering out all threats.  These changes don’t affect the core functions but prevent anti-malware software from reliably filtering and stopping these threats from infecting your PC.  The best defense against polymorphic malware is to keep your anti-malware software up to date.

None of this is meant to scare you, but to make you more aware of the threats businesses face each day.  Your best defense is education.  Educate your employees to be suspicious.  Don’t click on a link just because it is in an email.  Contact the sender if you don’t know.  Having a trusted IT partner on your side will go a long way as well. At Layered Systems, we run multiple anti-virus and anti-malware scans daily to ensure that your systems stay protected. Our technicians are highly trained to recognize and mitigate phishing attempts, ransomware, viruses and malware. Contact Us today to learn more about network security and what Layered Systems can do to keep your business secure.