You’re Still Not too Small

by

A Ransomware attack on your small business might not cause oil and gas shortages over a wide swath of the country, but rest assured cyber criminals want to exploit the files and data you have worked so hard to develop and maintain for their own profit.

In fact, reported Homeland Security Secretary Alejandro Mayorkas on May 13, small businesses now account for 50 percent to 75 percent of Ransomware attacks.

Ransomware attacks increased 300 percent in the past year as Ransomware gangs extorted and blackmailed $350 million from businesses through encryption of their data and then stealing that data and threatening to expose it to the public.

The plague has become particularly acute in industries that rely on their data to operate and are considered to be “one-stop shopping” for most if not all of the data hackers need to commit a wide variety of crimes ranging from financial to medical fraud.

Think data-intensive companies like accountants, law firms, and healthcare practices. If you run a small business in those industries, you should:

  • Layer multiple defenses on your network including anti-virus, firewalls, third-party threat hunters
  • Provide Cyber Security Awareness Training to you and your employees
  • Obtain cyber insurance to cover potential damages.

Understand that criminals don’t need to be computer geniuses or even know how to write a virus to commit their crimes. Dark Side, the group believed behind the Colonial Pipeline attack, sells Ransomware as a Service to make the job easier for other criminals. That makes for a lot of potential criminals and a lot of potential victims.

If you need help fortifying defenses or Cyber Security Awareness Training for you and your employees, call 302-537-4198 or email me personally at ericm@flexitechs.com.

Five Tips to Strengthen Security in Your Law Firm

by

No profession depends more on the confidentiality, integrity and availability of its data than law firms.

The information they collect forms the basis of all of their cases. Without it, they can’t represent their clients.

Because of the nature of that data, which includes PII, PHI, confidential and proprietary information, not to mention potentially embarrassing revelations, attorneys will be in the crosshairs of cyber criminals for the foreseeable future.

In fact, an analysis of public records by Law360 found that nearly 50 law firms reported data breaches in 2020 and that most were small and boutique firms. And that’s not all …

“There are probably many more attacks than what you’ve listed here. They just have not been documented in any official way,” said Claudia Rast, co-chair of the American Bar Association’s cyber security legal task force, to Law360.

The overwhelming majority of the 50 breaches (80%) was caused by human error or insider incidents.

To strengthen your firm’s security, consider the following five tips:

  • Secure Your Mobile Devices with Passcodes, Biometric fingerprint access, and Encryption
  • Create a culture of cyber security in your firm with policy-based Security Awareness Training
  • Watch Autocomplete in Emails to avoid inadvertently sending an email to the wrong person
  • Ensure remote devices and computers get the same protection at home and on the road as in the office
  • Consider multi-factor authentication on critical entry points to your network, such as computer logins, to prevent criminals from accessing it with a stolen user name and password caught up in a data breach that had nothing to do with your firm