By Florian
Malecki, Acting Chief Marketing Officer at Arcserve
Last year, as consumers flocked online to buy flowers,
chocolates, and other gifts for their loved ones to celebrate Valentine's Day,
researchers at cybersecurity firm Check Point found something unsavory-indeed,
downright malicious. In the run-up to February 14, 2021, cyberattackers
launched over 400 new Valentine's Day-themed phishing emails targeting innocent users every week, a 29% increase on
the previous year. Heartless hackers are now deploying a bigger-than-ever
arsenal of Valentine's Day scams, including phishing emails and fake e-greeting
cards filled with malware, phony florist websites that steal credit card
information, and dozens of other tricks. True, if you're security-savvy, you
probably won't be fooled. But your employees might.
Cybercriminals long ago figured out that most people are
less guarded around holidays when they're festive and busy, so the bad actors
escalate their attacks at these times. But you can fight back. Here are five
ways to protect your business from Valentine's Day heartache.
1: Be on high
alert during your high season
You're well aware of the most critical times to your
business. If you run a pool-cleaning company, the summer months are your peak
period. The weeks and months before Christmas are make-or-break if you have a
toy store. Easter and Halloween are your big seasons if you operate a candy
shop.
These are the times when your systems and data must be
up, running, and working smoothly. You know this. And who else knows? Hackers!
They will use this knowledge to target your business when it is most vulnerable
and extort the maximum ransomware payoff. Hackers understand that if they
choose Valentine's Day to compromise the website of a flower chain, the chain
will pay a hefty price to get its systems back up and running because every
hour down is more dollars lost.
All businesses should be on high alert during their high
season. They must ensure that they have the proper protection to thwart hackers
and that their defenses are strong when they need them the most.
2: Back up and
encrypt your data
Offline backups and data encryption can play a crucial
role in protecting your organization from ransomware attacks. You should
quickly restore any compromised systems if you have good offline backups. The
backups also need to be offline because all your online connected drives will
be locked up in the event of a ransomware attack.
Encrypting your sensitive data is also highly
recommended. If attackers gain access to your critical assets, they won't be
able to extort you if your data is securely encrypted.
3: Educate your
employees
Almost 90% of security breaches are caused by human error.
But a security-awareness training program can effectively teach your employees
what they need to know to prevent breaches, such as how to recognize those
phishing emails that open the door for almost half of all ransomware attacks.
You can also help by reminding your workers to practice
good cyber hygiene, especially now that employees often do their jobs remotely.
Stress the importance of basic measures like backing up data on a consistent
schedule and in multiple places. If workers are storing data primarily on a USB
drive, remind them to back up that data on a hard drive or in the cloud. If
they're storing data primarily in the cloud, remind them to save a copy offline.
4: Add MFA to
your systems
Here are two stats to think about. Eighty-one percent of breaches leverage stolen or weak
passwords. One million passwords are stolen every week.
But you can protect yourself against pilfered passwords
with multifactor authentication (MFA). It's one of the easiest and best ways to
defend your company from a hack and brings an extra, effective layer of
security to your systems.
Adding a second authentication factor, such as Google
Authenticator, is vital for protecting your accounts. Using a password wallet
that stores all your passwords and creates long, complex passwords for each
account is also recommended. Always, of course, make sure to turn on two-factor
authentication for the password wallet account.
5: Test your
defenses
While it's essential to have a strong backup, as
mentioned above, it is just as crucial that you're able to recover lost data
quickly and thoroughly. Are you? To be sure, you must test. You should
regularly test your backup copies to be sure they can reliably restore your
data.
You should also test your security regularly. An
excellent way to do this is with penetration testing. A pen test is a simulated
attack on your business that evaluates the security of your IT infrastructure.
A thorough, professional pen test will cost $10,000 to $30,000. Yes, that's
expensive. But keep in mind that the average cost of a data breach is now over $4 million.
A lot of hearts will be bursting on Valentine's Day. A
lot will be broken too. Make sure yours isn't one of them. Take steps to
protect your business from cyberattacks and spend your February 14 reaching out
to those your care about-not desperately trying to reestablish contact with
your lost data.
##
ABOUT THE AUTHOR
As acting Chief Marketing Officer at Arcserve, Mr. Florian Malecki drives the development of the vendor's data protection and storage solutions for the regions’ markets. His key responsibilities include messaging, positioning, and the evangelization of Arcserve data protection and scale-out immutable storage solutions to customers, partners, media, and industry analysts. Prior to joining Arcserve (formerly StorageCraft), Mr. Malecki worked in senior roles at SonicWall, Dell, Aventail, ClearSwift, Omgeo, Lucent Technologies and Air Products. He earned a Master’s degree in Business, Marketing and Technology from Ecole Supérieure Des Affaires et DesTechnologies, France.