Presented by an expert in data security with more than 20 years of experience. Provides an overview of which types of companies and institutions have been targeted by ransomware and malware, how these attacks can happen and what businesses can do to protect themselves.
2. About me
Welcome Networks
• IT services and support for accounting firms and businesses
• Private cloud servers, virtual desktops and Microsoft Azure
• Support for more than 200 software products: Office 365, CCH products, Caseware, QuickBooks, Sage 50, Adobe and other tax software
Over 18 years of IT experience
3. City of Spring Hill, Tenn. – Nov, 2017
Ransom Demand: $250,000
5. Victims Profile
• Government institutions like the Office of Personnel Management, CRA, IRS, Police
• Retailers including Sony, Walmart, CVS and Costco
• Large insurance companies
• Online businesses like the Ashley Madison dating site
• Thousands of small & medium size businesses
6. How big is the problem?
• 90% of Canadian businesses experience cyber intrusions each year
• Millions of new threats are released every month. Each new threat is faster, sneakier and draws on the creativity of hackers.
• Malware attacks nearly doubled to 8.19 billion from last year
• Costs the global economy up to $600 billion annually
• Source: ICCTC (Information and Communications Technology Council of Canada), Dell SonicWALL (GRID) Network
7. Current Major Challenge - Ransomware
• Spreads through e-mails, infected programs and compromised websites
• Can infect PCs, Macs, servers, network shares, Dropbox, mobile devices, emails, online accounts, databases and other systems
• Ransom note: pay to regain access, or the data stays permanently encrypted
• From a few hundred dollars to over tens of thousands of dollars!
• Average ransom payment: $1077 per infection
• Attackers use Bitcoin or other hard-to-trace online payment methods
• Nothing helps but GOOD backups; the malware may lie dormant for days or weeks
• Infamous examples: CryptoLocker, CryptoWall, Locky and KeRanger
• Horror story – Ransomware hit 7 days of productivity
• Ransom for data decryption, and ransom to prevent the data from being published externally online
11. What’s at Risk?
• Single device or the whole infrastructure
• Data Loss – Personal or business information
• Financial Loss
• Reputation damage
• ID Theft – Targets names, birthdays, medical IDs, Social Insurance numbers, street addresses, e-mail addresses and employment information. Employee payrolls hijacked.
• Possible intellectual property theft, fraud or crime. Hack into Business Wire, Marketwired, PR Newswire
• Heavy fines in certain industries
12. Managing Risks
Anti-virus Software
• On PCs, tablets and mobile devices
• Only use reputable anti-virus/anti-spyware
• Kaspersky, Bitdefender, AVG, McAfee, ESET, Symantec, Malwarebytes
• Can catch phishing attempts in emails and on social media sites
Fully Patched Systems
• Malware & exploit kits target unpatched systems
Protection with modern firewall
• Old routers & firewalls may not be able to filter out risks
• Firmware & regular updates from the vendor for latest threats
• Utilize an intrusion prevention system (IPS) or malware detection and isolation
13. Email
• Never click links or open attachments in an unsolicited email
• When in doubt, upload to virustotal.com
• Avoid enabling macros in MS Office documents
• Avoid sending sensitive information by clear-text email
• Use secure portals for data exchange
• Some traits of fake email:
• Email is not addressed to you by name
• Personal information request
• Call for an urgent action or a threat (i.e. closing your account)
• Incorrect spelling or grammar
• About an event or entity that you have no idea about
15. Compromised Passwords
• Responsible for over 20% of data breaches
• Use complex and random characters
• Long passwords are better
• Avoid birth date, mother’s maiden name, children's names or last four digits of SIN
• Never double dip. Always have a strong & unique password for every site
• Password management: True Key, 1Password, Dashlane, KeePass
• Consider two-factor authentication
16. Add Extra Layer of Protection
• Multifactor authentication: Duo Security, Google, Microsoft, etc.
17. Compromised Websites
• #1 Target for Hackers
• Exploit-laced web pages. Malvertising: block advertising-laced websites. NoScript plugin for Firefox/Chrome
• Don't save critical information in the browser
• Most SaaS is delivered through the web browser today, so keep browsers and plugins up to date
• Watch for browser redirections. Be wary of suspicious websites that open on your device and of downloads that start automatically
• Never submit sensitive information without https://
• Virtualized secured browsers from the cloud for sensitive work
20. Securing Mobile Devices
• Malicious apps in the Android ecosystem continue to rise
• Install applications only from trusted play stores like Google Play, Apple Store
• Update to the latest version of Android or iOS
• Avoid jailbreaking iOS or rooting the Android device, as it increases the damage caused by a possible infection
• Install AV and other mobile security apps on Android devices
• Always password protect your mobile device & account
• Always enable remote wipe
21. Managing Risks - Establish Policies
• Limit access to critical data
• Limit use of untrusted public Wi-Fi for sensitive work (Wi-Fi hijacking)
• Establish cybersecurity policies for guest internet use – no local access
• Just doing backups is not good enough
• Disaster happens
22. Bit of Social Engineering
• Keep yourself informed about common online misinformation and scams
• Fraudulent emails, telephone calls or in-person visits to steal employee credentials
• Be aware of the dangers of social media. Social media – a channel for ID theft. Geo-tagging – Foursquare
• Train employees to be security-minded from the moment they’re hired
• Important to shore up your company's last line of defense
23. Final Thoughts
It’s not all gloom and doom
Malware is here to stay
Tremendous rewards if risks are well managed
Your Last Line of Defense: Employees