A very sobering Symantec study found that 40 percent of more than 1 billion cyberattacks prevented in 2012 were committed against small businesses. The National Cyber Security Alliance revealed that one in five small businesses fall victim to cybercrime each year—and that number is rising.
An even more alarming statistic is that approximately 60 percent of those businesses fail within six months following a successful cyberattack.
With the recent news circulating around malware, such as the new WannaCry ransomware worm that has hit at least 150 countries and infected more than 200,000 computers, we felt it was appropriate to address the ransomware threat as well as other forms of malware in an effort to keep your business and customers safe.
How exactly does malware put your small business at risk?
What exactly is malware? How can it affect your company’s data and ability to do business?
Here are definitions for some of the most notorious forms of malware:
Malware is short for malicious software and is not a specific threat in of itself, but rather a comprehensive term that covers any software installed on your machine to perform undesirable tasks. This includes stealing or manipulating data, controlling access to your system(s), or otherwise harming the host computers. It is used to benefit the perpetrators without the consent of the machine or data owner. Malware routinely runs in the background and can go undetected for quite some time. Ransomware, viruses, spyware, and worms are all types of malware.
Descriptions of the most common types of malware
Ransomware is a form of malware that is used to capture and hold an individual’s data or computer hostage until the “ransom” is met. The ransom is frequently in the form of Bitcoin, a digital currency used in online transactions and is virtually untraceable.
The attack starts by encrypting the user’s data or locking the host system. This forces the user to pay the ransomware creator in order to receive a decryption key to unlock the data or remove the restrictions placed on the system.
Some ransomware will go as far as displaying a message and timer informing the user that their data will be erased completely unless payment is made prior to the time running out. In some cases, the amount of ransom goes up as remaining time goes down. Ransomware is typically spread through file download or network vulnerability.
Viruses are types of software capable of copying itself and spreading to other computers. The virus accomplishes this by attaching itself to other programs and executing code when a user launches the infected code. Viruses are used to steal data, damage host computers and networks, and more. Viruses can be spread through script files, documents, and vulnerabilities often found in web applications.
Spyware is a form of malware that gathers information from your computer by spying on user activity and transmitting it to a third party. This activity can include financial data, browser usage, as well as system information. The system information can also include applications installed, which can then be used to exploit any known vulnerabilities in those applications. More advanced spyware can monitor your keystrokes. This can provide critical data such as account numbers, usernames, and passwords to unscrupulous individuals. Spyware is usually spread by embedding the software in other applications, as well as downloads or network vulnerabilities.
Worms are one of the most common types of malware. They spread over networks, consuming bandwidth and slowing the system to a crawl. Worms can also carry payloads designed to delete files, steal data, or damage host systems. Worms have the ability to self-replicate and are frequently spread by sending mass emails with infected attachments. Many times, this email comes from a user known to the victim in order to deceive the user into opening it.
How can you protect your small business from malware?
Keep all your system’s anti-virus and anti-malware software up to date: Most anti-virus and anti-malware companies continually address and update their software to address new threats. If your software has an auto-update feature, make sure it’s enabled or create a regular schedule to update manually.
Ensure all your operating systems are up to date on patches: This is particularly true with Windows-based machines.
Put into place and enforce strong password practices and policies: The longer and more complex passwords are, the more difficult to guess or crack and are vital to a securing your systems. Guidelines in achieving strong passwords are:
Make all passwords at least 12 characters long. Password cracking software can discover most anything less than 12 in a matter of minutes or hours.
Include a random mix of numbers, letters, special characters, and capitalization.
Do not use patterns such as birthdays, names, addresses, or any other information that could be gathered through social engineering. These types of passwords are the first attempted and the easiest to crack.
Change your passwords infrequently. Forcing your employees to change passwords frequently can lead to bad password habits and forgetting new passwords.
You can use tools and websites such as How Secure is My Password to validate the overall strength of your passwords. These tools typically measure the strength by the length of time it would to crack the password using readily available (and many times free) cracking tools.
Develop and enforce an equipment use policy: Create guidelines for your staff members on what they are permitted to do with company-owned resources. This should include what they can and can’t do on computers and phones, such as internet and personal usage, software installations, backups, scans, etc.
Educate employees: This is one of the most essential actions in securing your business. Educate your employees to make smart computing decisions and to understand the current threats. Create regular security training sessions for your employees that cover security basics, to include strong passwords, email attachments, suspicious websites, download scanning, etc.
Report cyberattacks: If your business has fallen victim to an attack, notifying the appropriate authorities can help bring the criminals to justice. This can also increase your chance of recouping any losses incurred.
Today’s world is fraught with peril from cybercriminals who wish to profit from or destroy your hard work. Cybersecurity must be made a top priority to help prevent this. We must be prepared to protect our organizations through countermeasures that include anti-malware software, updating your systems, comprehensive policies, and procedures as well as user training programs.
If you can afford it, it is also recommended to have periodic security audits as a way to keep your business secure. There are many providers who will scan your environments, analyze existing policies, and make recommendations on how to harden vulnerabilities.
Unfortunately, cybercriminals are not going away anytime soon and they are targeting small businesses more than ever before. Keep security in the forefront and you’ll have a better chance to avoid becoming one of their many victims.
Ron Smith is an Infusionsoft Sr. Quality/Security Engineer. Having served in the USAF as a security specialist, he became passionate about security. During his 20 year career, he has worked for very large companies such as Microsoft, Intel, and Pearson, but his love for small business carried him to Infusionsoft. He is also the father of five boys and an avid Harley Davidson rider and home brewer.