You hear or read about another cyberattack almost every day. One day it’s a ransomware attack that encrypts critical data and incapacitates a city or small business until a ransom is paid. The next day it’s an e-mail phishing attack that leads to the loss of customers’ Personally Identifiable Information including social security numbers and credit card information. Another time it’s an attack on a manufacturer’s critical intellectual property and trade secrets that often leads to a loss of jobs and company revenues. Of course, all of these attacks damage the reputation of the organization making it difficult to put a true cost on the attack.
In order to protect your home-based or small business, you typically rely on your IT expert or Internet Service Provider to recommend and install the latest firewall to keep hackers out of your network. Some business owners often rely only their own ‘IT expertise’ and download and install the leading anti-malware and anti-virus solutions in order to scan the devices on the network and clean up any systems that have been compromised. Once these steps are taken care of it is assumed that the network is now locked down and protected. But is it?
Sadly, the answer is no. In what feels like a never-ending “arms race,” cyber-criminals are now exploiting the security vulnerabilities of the Internet of Thing or ‘IoT’ devices that are connected to your wireless network. These devices range from security cameras, printers, smart devices like TVs, thermostats and include smartphones and tablets. In many cases, malware can hide on your network for months before it is detected and remediated by conventional solutions. Yet, 87% of cyberattacks are launched within minutes.
According to Doug Clave, VP of Cyber Security Solutions, FICO, “Current cybersecurity solutions leave a wide gap in coverage. It’s like having a burglar alarm that doesn’t go off until after the burglar’s done his work, left the premises, and crossed the county line.” By then the damage is done.
Why would someone want to hack my small business? You may think that hackers only target large companies but hackers are targeting small businesses at an alarming rate today. Why? There are far fewer defenses with small businesses, and the data treasures are definitely worth it.
A recent warning by the FBI regarding the VPN Filter attack is an example of this problem. In this case, the device that has been targeted is the actual network router itself. Routers designed for home and small business networks that have been supplied by leading manufacturers such as Netgear, D-Link, TP-Link, Linksys, QNAP, ASUS, Mikro-Tik, and others are particularly vulnerable. The VPN Filter malware spies on internet traffic and is capable of stealing website and harvesting network security credentials.
Of particular concern is the fact that this malware is not easy to clean up. While the FBI recommends a hard reset of your router, in a recent report, Symantec indicated that this is only a temporary solution and suggested that the malware will return unless you download the latest firmware patches for your router and avoid using its default settings. As you might conclude, managing security patches and changing the configuration of your router from 192.168.0.1 is not always a straightforward process.
So what is a small business owner to do? One approach is to hide your head in the sand and hope it all goes away. Probably not a good idea considering the liability and loss of customer goodwill that will result from a breach. The other option is to fight back, but the question is how? It doesn’t seem like there is any one solution out there that is affordable, easy to use and provides adequate protection by filling the gap left by current solutions.
The answer to this question lies in understanding that the best cybersecurity solutions are delivered in layers. Think of your cybersecurity protections like layers of an onion. The layers that you apply depend on the problem that you are trying to solve and the data that you want to protect. For example, there are new solutions available to small business owners that will sit inside of your network and prevent your employees from accessing risky websites or clicking on suspicious emails. There are also solutions that use Virtual Private Network (VPN) technology to protect your identity when you are surfing the internet or communicating with the outside world.
To protect customer data or sensitive information, there are behavior-based solutions that detect and alert you to suspicious scanning activity (a common technique used by hackers). These devices will also sit on your network and trick any malware that has breached your defenses into launching an attack. This ‘deception’ approach to cybersecurity allows you to detect hacking activity in real time and block a compromised device, preventing it from spreading inside of your network. This gives you time to take your infected device off-line and remediate it before the malware can do any further damage. These new layers of protection are typically subscription based and cost less than $ 100 / year.
Another option is to rely on the expertise of a value-added reseller or managed service provider that focuses on small business to provide you with a bundle of layered solutions. In addition to recommending a bundle of products, they can help with the installation and monitoring of your network. Many value-added resellers and managed service providers are now in the process of adding this level of security service and support to home office and small business owners.
No matter what approach you take, it’s important to realize that the ever-evolving threat landscape means that you will need to add new layers of defense to the cybersecurity onion as the nature of these attacks change. It is also important to understand that ultimately the bad guys will get into your network:
“Let’s get the obvious and infeasible goal of ‘Don’t get compromised’ out of the way.”
Verizon 2018 Data Breach Investigations Report
The new paradigm in cyber defense is to identify these threats in real time and lock down the device or data before any real damage can be done.
Thank you for your share and make my tplinkwifirouter. com
In any case, expecting that your association has an online presence, stores client and companions data on cutting edge contraptions and usages cloud-based programming ometv. uk