Increasingly, small and medium-sized businesses (SMBs) are becoming victims of cyber-crime. According to the FBI, cyber intrusions are becoming more commonplace, more dangerous, and more sophisticated. Fraudsters and identity thieves are targeting companies and their employees’ sensitive corporate and personal data. New York and New Jersey, working with the federal government, were forerunners in ramping up capabilities to curtail cyber-crime, starting over two decades ago.
Today, information technology (IT) management techniques, designed to thwart criminal activity, continue to expand against the backdrop of an upsurge in nefarious IT intrusion activity. In this article, we will review many techniques recommended by U.S. government enforcement agencies (U.S. Department of Homeland Security/U.S. Secret Service) that will be helpful to SMBs in their battle to mitigate the risks and potential costs associated with cyber-crime.
Locally, the U.S. Secret Service Electronic Crimes Task Force for New York/New Jersey supports the U.S. Department of Homeland Security’s efforts to combat cyber-crime. With the evolution of computers as the facilitators (and targets) of criminal activity, the U.S. Secret Service broadened its role to include bringing perpetrators of cyber-crime to justice. In 1995, the U.S. Secret Service created the New York Electronic Crimes Task Force (ECTF) to increase the resources working with state, local, and federal law enforcement in dealing with electronic criminal activity. The ECTFs were later expanded to approximately 30 cities across the country, as a result of a mandate in the 2001 USA PATRIOT Act. The U.S. Secret Service and the ECTFs then became part of the U.S. Department of Homeland Security, following its creation in 2002.
Abdul Hammad, our Chief Information Security Officer, is a member of the New York/New Jersey Electronic Crimes Task Force. According to Mr. Hammad, “Fraud artists are continuously identifying ways to expand and diversify their criminal portfolio through technology.”
Some of the schemes investigated by the ECTF involving new technology include computer-generated counterfeit currency, bank fraud, virus and worm proliferation, access device fraud, telecommunications fraud, Internet threats, computer system intrusions, cyber-attacks, phishing/spoofing, identity theft, and Internet-related exploitation including ransomware.
Spoofing/Phishing/Ransomware – what is behind the terminology?
For the benefit of SMB owners and managers who are not IT specialists, we feel it is appropriate at this point to review a few of the most prevalent cyber-crime terms and techniques:
What is Spoofing?
Spoofing and phishing are terms that are sometimes used interchangeably. However, they are not the same. Spoofing is a technique where counterfeit corporate emails trick business owners or employees into taking an action which is harmful. As an example, an official-looking email (using hijacked logos and other distinctive graphics) instructs the computer user to take precautionary actions to protect the company’s or computer user’s finances. Clicking on a link executes a malicious file that damages the operating system and critical applications while propagating throughout the network.
What is Phishing?
Phishing is a form of spoofing in that it deceives the computer user with legitimate-looking messages. (The word “phishing” is a homophone of “fishing”, based on the similarity of using bait in an attempt to catch a victim.) A phishing scam typically provides a link to an illegitimate website where the end-user is required to enter sensitive account information such as a Social Security number, tax ID, or bank account information.
In February 2017, the IRS issued an urgent alert regarding a growing W-2 phishing scam during tax season. The scam involves cyber-criminals sending a fake email pretending to be from a high-level corporate employee. They request information about employee Forms W-2 from a company’s payroll or human resources department. As a result, fraudsters can capture all of the data for an entire company. With such information, the cyber-criminals can file fraudulent tax returns and obtain tax refunds from the IRS. The IRS reports that the scam is ballooning, affecting more and more companies and other organizations.
According to a Microsoft industry report, the annual worldwide impact of phishing could be over $5 billion. The PhishLabs 2017 Phishing Trends & Intelligence Report cites phishing volume growing by an average of over 33% across the five most targeted industries. It also states that ransomware, the predominant type of malware being distributed by phishing, is now focused on the organizations most likely to pay ransoms, including small businesses.
What is Ransomware?
Ransomware is malicious software (malware) that installs covertly on computers and other electronic devices, restricting access to data and demanding a ransom payment to disable it. Ransomware can encrypt a victim’s files, making them inaccessible. Wide-ranging attacks involving encryption-based ransomware began to increase through malicious software such as CryptoLocker and CryptoWall, which have accrued over $20 million in ransom, based on FBI estimates.
10 Actions You Can Take to Protect Your SMB
In October 2016, the U.S. Department of Homeland Security / U.S. Secret Service published its Cyber Hygiene & Cyber Security Recommendations. To provide perspective on this report, Abdul Hammad (powersolution.com Chief Information Security Officer and member of the New York/New Jersey U.S. Secret Service Electronic Crimes Task Force) states, “These recommendations have broad applicability – including with our SMB clients in New York and New Jersey that are critically dependent on their business systems.” Mr. Hammad goes on to say, “We work to transition our clients from a reactive to a proactive mindset in terms of implementing IT security measures.”
The following are 10 of the key recommendations provided in the U.S. Secret Service’s Cyber Hygiene & Cyber Security report that we believe should be proactively implemented by SMBs in New York, New Jersey, and other regions:
- Maintain and Update Complex Passwords: Develop lengthy and complex passwords. Use different passwords for social networking sites, email accounts, and online banking sites. Change passwords on a regular basis, use unique account names, and keep passwords complex. Passwords should be at least 8 characters long and contain a mix of upper and lower case letters, including numbers and special characters. It is also important to regularly update your passwords to minimize the risk of an older password being reused for malicious purposes.
- Ensure Your Operating System Is Up-To-Date: Operating systems have a life cycle with gradually reduced support levels available over time. At end-of-life, continued use of an unsupported operating system on a workstation or server eliminates the ability to receive automatic updates, which creates a significant security vulnerability. Operating systems are usually configured to automatically update or at least prompt you that updates are available. This feature should not be disabled. Most updates are released to address certain security issues. This makes it extremely important that your IT personnel properly enable the updates to ensure your computer has the latest protections known within the industry.
- Ensure Remote Desktop Protocol (RDP) Is Properly Managed and Secure: Remote desktop software enables others to access your computer over a network or the Internet. This is very useful in terms of remote servicing of the computer by a qualified and authorized technician, but it can also be exploited by hackers if not properly managed.
- Install and Update Proper Antivirus/Antispyware Software: Viruses and other malicious software programs can infect a personal computer or server without your knowledge. Ensure that business-level antivirus software from a reputable company is installed and set to update automatically.
- Install a Business-Level Firewall: A reputable business-level firewall will protect your SMB from a variety of cyber-related threats. The firewall should be configured and managed by qualified IT professionals. A firewall is a hardware device or software that can prevent traffic from hackers, viruses, worms or other malware that is specifically designed to compromise your IT infrastructure and your business.
- Scrutinize Email Attachments: Best security practices mandate that you never open or download an email attachment from someone you do not know or from someone who has rarely contacted you. Also, caution must be taken when opening emails from someone you do know, as that person may have unknowingly forwarded you an email attachment containing a virus or some other malicious software.
- Password Protect Your Wi-Fi: Business-level wireless networks should be procured from reputable manufacturers and configured by qualified IT professionals, utilizing strong/complex passwords. It is also wise to steer clear of public, unsecured Wi-Fi access.
- Back Up Important and Sensitive Data: Important and sensitive data must be backed up in a secure manner. Choosing a cloud-based backup and recovery provider that offers continuous backup protection or a configurable backup schedule is highly recommended to minimize downtime, enable timely data recovery, and supplement any on-site data backup.
- Utilize Two-Factor Authentication: When sharing sensitive information, utilize two-factor authentication such as a password and SMS text code or a password and a security token to prevent unauthorized remote access to your emails or other sensitive data.
- Adequate Third-Party Service Provider Security: SMBs that utilize third-party service providers to design, install, and/or support their IT environment should ensure that the third party applies comprehensive cyber-crime precautions, in accordance with industry best practices, standards, and compliance regulations.
Be Proactive in Implementing IT Security Precautions
In summary, it is imperative that SMBs in New York, New Jersey, and other regions proactively implement several levels of IT Security precautionary measures. This should be a top priority for business owners, managers, employees, and consumers.
As the use of technology has grown exponentially, so has technology-based crime. Industry experts project that from 2016 to 2019, global cyber-crime expenses will more than triple to over $2 trillion. Surprising to many, it is estimated that up to 40 percent of security breaches are carried out by insiders.
SMBs should have firm security policies in place and make certain that they are followed. IT hardware, software, and networks should be kept up to date, with investment in the best possible security technology. Companies should maintain best security practices and associated business processes.
The U.S. Department of Homeland Security and U.S. Secret Service are diligently pursuing and convicting cyber-criminals. However, the accelerating levels of IT-related criminal activity mandate increased security measures by SMBs to protect their businesses and avoid the potential costs of being reactive rather than proactive.